3.0.0.4.384.32738

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

asus

CWE-476

NVD

Published: 2018-09-17

Updated: 2019-01-18

Summary

blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.

Vulnerable Configurations

Part	Description	Count
OS	Asus Asus GT Ac5300 Firmware 3.0.0.4.384.21140 Asus GT Ac5300 Firmware 3.0.0.4.384.32738	2
Hardware	Asus Asus GT Ac5300 -	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/PAGalaxyLab/VulInfo/tree/master/ASUS/GT-AC5300/dos1