CVE-2020-15499: XSS
First published: Wed Aug 26 2020(Updated: )
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via spoofed Release Notes on the Firmware Upgrade page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asus Rt-ac1900p Firmware | <3.0.0.4.385.20253 | |
| ASUS RT-AC1900P |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-15499.
What is the severity of CVE-2020-15499?
The severity of CVE-2020-15499 is medium with a CVSS score of 6.1.
What is the affected software for CVE-2020-15499?
The affected software for CVE-2020-15499 is ASUS RT-AC1900P routers before 3.0.0.4.385_20253.
How does CVE-2020-15499 impact the affected ASUS RT-AC1900P routers?
CVE-2020-15499 allows XSS attacks via spoofed Release Notes on the Firmware Upgrade page of ASUS RT-AC1900P routers.
Is there a fix available for CVE-2020-15499?
Yes, the fix for CVE-2020-15499 is to update the firmware of ASUS RT-AC1900P routers to version 3.0.0.4.385_20253 or higher.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/event
- agent/description
- agent/tags
- agent/first-publish-date
- vendor/asus
- canonical/asus rt-ac1900p firmware
- canonical/asus rt-ac1900p