CVE-2021-3229

Опубликовано: 05 фев. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error.

Ссылки

https://dlcdnimgs.asus.com/websites/global/productcustomizedTab/562/ASUSWRT%20portal%20feature.pdf
Product
Vendor Advisory
https://github.com/fullbbadda1208/CVE-2021-3229
Exploit
Third Party Advisory
https://www.asus.com/us/ASUSWRT/
Product
Vendor Advisory
https://dlcdnimgs.asus.com/websites/global/productcustomizedTab/562/ASUSWRT%20portal%20feature.pdf
Product
Vendor Advisory
https://github.com/fullbbadda1208/CVE-2021-3229
Exploit
Third Party Advisory
https://www.asus.com/us/ASUSWRT/
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*

Версия до 3.0.0.4.384_10177 (включая)

cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00623

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-rf52-3f4q-fcfq

github

больше 3 лет назад