Vulnerabilities > Asus > RP Ac52 Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-07-13 CVE-2016-6558 Command Injection vulnerability in Asus products
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter.
network
low complexity
asus CWE-77
critical
9.8
2018-07-13 CVE-2016-6557 Cross-Site Request Forgery (CSRF) vulnerability in Asus products
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user.
network
low complexity
asus CWE-352
8.8