Vulnerabilities > Asus > RT Ac66U
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2018-20335 | Improper Input Validation vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. | 7.8 |
| 2020-03-20 | CVE-2018-20334 | OS Command Injection vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. | 10.0 |
| 2020-03-20 | CVE-2018-20333 | Information Exposure vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. | 5.0 |
| 2020-01-28 | CVE-2013-3093 | Cross-Site Request Forgery (CSRF) vulnerability in Asus products ASUS RT-N56U devices allow CSRF. | 9.3 |
| 2019-11-21 | CVE-2018-8879 | Out-of-bounds Write vulnerability in Asus Rt-Ac66U Firmware Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. | 7.5 |
| 2019-11-13 | CVE-2013-4656 | Path Traversal vulnerability in Asus Rt-Ac66U Firmware and Rt-N56U Firmware Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service. | 10.0 |
| 2018-04-20 | CVE-2018-8826 | Improper Input Validation vulnerability in Asus products ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
| 2017-03-14 | CVE-2013-4659 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. | 10.0 |
| 2015-01-08 | CVE-2014-9583 | Permissions, Privileges, and Access Controls vulnerability in multiple products common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. | 10.0 |
| 2014-11-04 | CVE-2014-2718 | Insufficient Verification of Data Authenticity vulnerability in multiple products ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. | 7.1 |