First published: Wed Aug 26 2020(Updated: )
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via spoofed Release Notes on the Firmware Upgrade page.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Asus Rt-ac1900p Firmware | <3.0.0.4.385.20253 | |
ASUS RT-AC1900P |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-15499.
The severity of CVE-2020-15499 is medium with a CVSS score of 6.1.
The affected software for CVE-2020-15499 is ASUS RT-AC1900P routers before 3.0.0.4.385_20253.
CVE-2020-15499 allows XSS attacks via spoofed Release Notes on the Firmware Upgrade page of ASUS RT-AC1900P routers.
Yes, the fix for CVE-2020-15499 is to update the firmware of ASUS RT-AC1900P routers to version 3.0.0.4.385_20253 or higher.