Vulnerabilities > Asus > Asuswrt > 3.0.0.4.378
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-05 | CVE-2022-26376 | Out-of-bounds Write vulnerability in multiple products A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. | 9.8 |
2018-01-31 | CVE-2017-15656 | Insufficiently Protected Credentials vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743 Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. | 4.0 |
2018-01-31 | CVE-2017-15654 | Use of Insufficiently Random Values vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743 Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access. | 7.6 |
2018-01-22 | CVE-2018-6000 | Missing Authorization vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743/3.0.0.4.384.20308 An issue was discovered in AsusWRT before 3.0.0.4.384_10007. | 10.0 |
2018-01-22 | CVE-2018-5999 | Unspecified vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743/3.0.0.4.384.20308 An issue was discovered in AsusWRT before 3.0.0.4.384_10007. | 10.0 |