Filtered by vendor Asus
Subscribe
Total
266 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-11063 | 1 Asus | 1 Smarthome | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
CVE-2018-20336 | 1 Asus | 2 Asuswrt-merlin, Rt-ac68u | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak. | |||||
CVE-2018-14710 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the "hook" URL parameter. | |||||
CVE-2019-10709 | 1 Asus | 1 Precision Touchpad | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call. | |||||
CVE-2018-14711 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs. | |||||
CVE-2018-14980 | 1 Asus | 2 Zenfone 3 Max, Zenfone 3 Max Firmware | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by ASUS or another entity in the supply chain. The system_server process in the core android package has an exported broadcast receiver that allows any app co-located on the device to programmatically initiate the taking of a screenshot and have the resulting screenshot be written to external storage (i.e., sdcard). The taking of a screenshot is not transparent to the user; the device has a screen animation as the screenshot is taken and there is a notification indicating that a screenshot occurred. If the attacking app also requests the EXPAND_STATUS_BAR permission, it can wake the device up using certain techniques and expand the status bar to take a screenshot of the user's notifications even if the device has an active screen lock. The notifications may contain sensitive data such as text messages used in two-factor authentication. The system_server process that provides this capability cannot be disabled, as it is part of the Android framework. The notification can be removed by a local Denial of Service (DoS) attack to reboot the device. | |||||
CVE-2019-11061 | 1 Asus | 2 Hg100, Hg100 Firmware | 2024-02-28 | 4.8 MEDIUM | 8.1 HIGH |
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
CVE-2018-14713 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter. | |||||
CVE-2017-17944 | 1 Asus | 2 Hivivo, Vivobaby | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. | |||||
CVE-2017-17945 | 1 Asus | 2 Hivivo, Vivobaby | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. | |||||
CVE-2019-11060 | 1 Asus | 2 Hg100, Hg100 Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H). | |||||
CVE-2018-18287 | 1 Asus | 2 Rt-ac58u, Rt-ac58u Firmware | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the Main_Login.asp page. | |||||
CVE-2016-6558 | 1 Asus | 14 Ea-n66, Ea-n66 Firmware, Rp-ac52 and 11 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed. | |||||
CVE-2018-18536 | 1 Asus | 2 Aura Sync, Aura Sync Firmware | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | |||||
CVE-2018-11492 | 1 Asus | 2 Hg100, Hg100 Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
ASUS HG100 devices allow denial of service via an IPv4 packet flood. | |||||
CVE-2018-18537 | 1 Asus | 2 Aura Sync, Aura Sync Firmware | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address. | |||||
CVE-2018-17023 | 1 Asus | 2 Gt-ac5300, Gt-ac5300 Firmware | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm. | |||||
CVE-2018-18291 | 1 Asus | 2 Rt-ac58u, Rt-ac58u Firmware | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross site scripting (XSS) vulnerability on ASUS RT-AC58U 3.0.0.4.380_6516 devices allows remote attackers to inject arbitrary web script or HTML via Advanced_ASUSDDNS_Content.asp, Advanced_WSecurity_Content.asp, Advanced_Wireless_Content.asp, Logout.asp, Main_Login.asp, MobileQIS_Login.asp, QIS_wizard.htma, YandexDNS.asp, ajax_status.xml, apply.cgi, clients.asp, disk.asp, disk_utility.asp, or internet.asp. | |||||
CVE-2018-11491 | 1 Asus | 2 Hg100, Hg100 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. | |||||
CVE-2016-6557 | 1 Asus | 14 Ea-n66, Ea-n66 Firmware, Rp-ac52 and 11 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. |