Vulnerabilities > Asus > RT N66U
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2018-20335 | Improper Input Validation vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. | 7.8 |
| 2020-03-20 | CVE-2018-20334 | OS Command Injection vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. | 10.0 |
| 2020-03-20 | CVE-2018-20333 | Information Exposure vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. | 5.0 |
| 2015-02-01 | CVE-2014-7270 | Cross-Site Request Forgery (CSRF) vulnerability in Asus products Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allows remote attackers to hijack the authentication of arbitrary users. | 6.8 |
| 2015-02-01 | CVE-2014-7269 | OS Command Injection vulnerability in Asus products ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors. | 6.5 |
| 2015-01-08 | CVE-2014-9583 | Permissions, Privileges, and Access Controls vulnerability in multiple products common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. | 10.0 |
| 2014-11-04 | CVE-2014-2718 | Insufficient Verification of Data Authenticity vulnerability in multiple products ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image. | 7.1 |
| 2013-07-26 | CVE-2013-4937 | Unspecified vulnerability in Asus products Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors. | 10.0 |