Описание
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*
Конфигурация 2Версия до 3.0.0.4.374.x (включая)
Одновременно
cpe:2.3:o:asus:rt_series_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:asus:rt-ac56r:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-ac66r:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-ac66u:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-ac68u:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-n56r:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-n56u:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-n66r:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-n66u:*:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00243
Низкий
7.1 High
CVSS2
Дефекты
CWE-345
Связанные уязвимости
github
больше 3 лет назад
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
EPSS
Процентиль: 47%
0.00243
Низкий
7.1 High
CVSS2
Дефекты
CWE-345