CVE-2018-20333: Infoleak
First published: Fri Mar 20 2020(Updated: )
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asuswrt-Merlin | =3.0.0.4.384.20308 | |
| ASUS ROG Rapture GT-AC2900 | ||
| ASUS ROG Rapture GT-AC5300 | ||
| ASUS GT-AX11000 Firmware | ||
| ASUS RT-AC1200G | ||
| ASUS RT-AC1200 v2 | ||
| ASUS RT-AC1200G Firmware | ||
| ASUS RT-AC1200GE | ||
| ASUS RT-AC1750 B1 Firmware | ||
| ASUS RT-AC1750 | ||
| ASUS RT-AC1900P Firmware | ||
| ASUS RT-AC3100 | ||
| ASUS routers | ||
| ASUS RT-AC51U firmware | ||
| ASUS RT-AC5300 firmware | ||
| ASUS RT-AC55U | ||
| ASUS RT-AC56R Firmware | ||
| ASUS RT-AC56S | ||
| ASUS RT-AC56U Firmware | ||
| ASUS rt-ac66r firmware | ||
| ASUS RT-AC66U firmware | ||
| ASUS RT-AC66U B1 | ||
| ASUS RT-AC66U firmware | ||
| ASUS RT-AC68P Firmware | ||
| ASUS 4G-AC68U | ||
| ASUS RT-AC86U firmware | ||
| ASUS RT-AC87U Firmware | ||
| ASUS RT-AC88U Firmware | ||
| ASUS RT-ACRH12 | ||
| ASUS RT-ACRH13 firmware | ||
| ASUS routers | ||
| ASUS RT-AX56U firmware | ||
| ASUS RT-AX58U Firmware | ||
| ASUS RT-AX88U Firmware | ||
| ASUS RT-AX92U Firmware | ||
| Asus Rt-g32 Firmware | ||
| Asus RT-N10+ D1 firmware | ||
| ASUS routers | ||
| ASUS RT-N14U firmware | ||
| ASUS RT-N16 firmware | ||
| ASUS Router | ||
| ASUS RT-N56R | ||
| ASUS routers | ||
| ASUS RT-N600 firmware | ||
| ASUS RT-N65U Firmware | ||
| ASUS RT-N66R | ||
| Asus EA-N66 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-20333?
The severity of CVE-2018-20333 is high, with a severity value of 7.5.
How does CVE-2018-20333 affect ASUSWRT 3.0.0.4.384.20308?
CVE-2018-20333 allows an unauthenticated user to determine if a USB device is attached to the router and if there are apps installed on the router.
Is ASUS GT-AC2900 vulnerable to CVE-2018-20333?
No, ASUS GT-AC2900 is not vulnerable to CVE-2018-20333.
How can I fix CVE-2018-20333 in ASUSWRT 3.0.0.4.384.20308?
To fix CVE-2018-20333, update ASUSWRT to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2018-20333?
You can find more information about CVE-2018-20333 at the following link: [https://starlabs.sg/advisories/18-20333/](https://starlabs.sg/advisories/18-20333/)
- agent/type
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/asus
- canonical/asuswrt-merlin
- version/asuswrt-merlin/3.0.0.4.384.20308
- canonical/asus rog rapture gt-ac2900
- canonical/asus rog rapture gt-ac5300
- canonical/asus gt-ax11000 firmware
- canonical/asus rt-ac1200g
- canonical/asus rt-ac1200 v2
- canonical/asus rt-ac1200g firmware
- canonical/asus rt-ac1200ge
- canonical/asus rt-ac1750 b1 firmware
- canonical/asus rt-ac1750
- canonical/asus rt-ac1900p firmware
- canonical/asus rt-ac3100
- canonical/asus routers
- canonical/asus rt-ac51u firmware
- canonical/asus rt-ac5300 firmware
- canonical/asus rt-ac55u
- canonical/asus rt-ac56r firmware
- canonical/asus rt-ac56s
- canonical/asus rt-ac56u firmware
- canonical/asus rt-ac66r firmware
- canonical/asus rt-ac66u firmware
- canonical/asus rt-ac66u b1
- canonical/asus rt-ac68p firmware
- canonical/asus 4g-ac68u
- canonical/asus rt-ac86u firmware
- canonical/asus rt-ac87u firmware
- canonical/asus rt-ac88u firmware
- canonical/asus rt-acrh12
- canonical/asus rt-acrh13 firmware
- canonical/asus rt-ax56u firmware
- canonical/asus rt-ax58u firmware
- canonical/asus rt-ax88u firmware
- canonical/asus rt-ax92u firmware
- canonical/asus rt-g32 firmware
- canonical/asus rt-n10+ d1 firmware
- canonical/asus rt-n14u firmware
- canonical/asus rt-n16 firmware
- canonical/asus router
- canonical/asus rt-n56r
- canonical/asus rt-n600 firmware
- canonical/asus rt-n65u firmware
- canonical/asus rt-n66r
- canonical/asus ea-n66