Vulnerabilities > Asus

DATE CVE VULNERABILITY TITLE RISK
2018-01-22 CVE-2018-6000 Missing Authorization vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743/3.0.0.4.384.20308
An issue was discovered in AsusWRT before 3.0.0.4.384_10007.
network
low complexity
asus CWE-862
critical
 9.8
9.8
2018-01-22 CVE-2018-5999 Unspecified vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743/3.0.0.4.384.20308
An issue was discovered in AsusWRT before 3.0.0.4.384_10007.
network
low complexity
asus
critical
 9.8
9.8
2017-11-21 CVE-2017-5712 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.
network
low complexity
intel asus siemens CWE-119
7.2
7.2
2017-11-21 CVE-2017-5711 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
local
low complexity
intel asus siemens CWE-119
7.8
7.8
2017-08-18 CVE-2017-12593 Cross-Site Request Forgery (CSRF) vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac
ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.
network
low complexity
asus CWE-352
8.8
8.8
2017-08-18 CVE-2017-12592 Unspecified vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac
ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability.
network
low complexity
asus
8.8
8.8
2017-08-18 CVE-2017-12591 Cross-site Scripting vulnerability in Asus Dsl-N10S Firmware V2.1.16Apac
ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter.
network
low complexity
asus CWE-79
5.4
5.4
2017-05-10 CVE-2017-8878 Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml.
network
low complexity
asus CWE-200
6.5
6.5
2017-05-10 CVE-2017-8877 Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266
ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.
network
low complexity
asus CWE-200
6.5
6.5
2017-05-10 CVE-2017-5892 Information Exposure vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.
network
low complexity
asus CWE-200
7.5
7.5