First published: Fri Jul 13 2018(Updated: )
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Asus Rp-ac52 Firmware | <=1.0.1.1s | |
ASUS RP-AC52 | ||
Asus Ea-n66 Firmware | ||
Asus Ea-n66 | ||
Asus Rp-n12 Firmware | ||
Asus Rp-n12 | ||
Asus Rp-n14 Firmware | ||
Asus Rp-n14 | ||
Asus Rp-n53 Firmware | ||
Asus Rp-n53 | ||
Asus Rp-ac56 Firmware | ||
Asus Rp-ac56 | ||
Asus Wmp-n12 Firmware | ||
Asus Wmp-n12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.