Описание
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by changing the admin password without authentication via a POST request to Advanced_System_Content.asp with the uiViewTools_username=admin&uiViewTools_Password= and uiViewTools_PasswordConfirm= substrings.
Ссылки
- Third Party Advisory
- Not ApplicableVendor Advisory
- Third Party Advisory
- Not ApplicableVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:asus:dsl-n17u_firmware:1.1.0.2:*:*:*:*:*:*:*
cpe:2.3:h:asus:dsl-n17u:-:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00365
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by changing the admin password without authentication via a POST request to Advanced_System_Content.asp with the uiViewTools_username=admin&uiViewTools_Password= and uiViewTools_PasswordConfirm= substrings.
EPSS
Процентиль: 58%
0.00365
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-287