VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Asus
>
Asuswrt
> 3.0.0.4.380.7743
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-08-05
CVE-2022-26376
A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7..
network
low complexity
asus
asuswrt-merlin
critical
9.8
9.8
2018-01-31
CVE-2017-15656
Insufficiently Protected Credentials vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt.
network
low complexity
asus
CWE-522
8.8
8.8
2018-01-31
CVE-2017-15654
Use of Insufficiently Random Values vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access.
network
high complexity
asus
CWE-330
8.3
8.3
2018-01-22
CVE-2018-6000
Missing Authorization vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743/3.0.0.4.384.20308
An issue was discovered in AsusWRT before 3.0.0.4.384_10007.
network
low complexity
asus
CWE-862
critical
9.8
9.8
2018-01-22
CVE-2018-5999
Unspecified vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743/3.0.0.4.384.20308
An issue was discovered in AsusWRT before 3.0.0.4.384_10007.
network
low complexity
asus
critical
9.8
9.8