Bigbear

**Name of the Vulnerable Software and Affected Versions** ASUS GT-AC5300 devices with firmware through 3.0.0.4.384 32738 **Description** The issue allows remote attackers to cause a denial of service. This can be achieved by sending a single "GET / HTTP/1.1r " line to the API endpoint "GET /". No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** For firmware versions through 3.0.0.4.384 32738, as a temporary workaround, consider restricting access to the "GET /" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ASUS GT-AC5300 devices with firmware through 3.0.0.4.384 32738 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `appGet.cgi` hook parameter. This could potentially lead to unauthorized actions on the device. **Recommendations** For firmware versions through 3.0.0.4.384 32738, as a temporary workaround, consider restricting access to the `appGet.cgi` endpoint until a patch is available. Avoid using the `hook` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ASUS GT-AC5300 router versions through 3.0.0.4.384 32738 **Description** A stack-based buffer overflow issue allows remote attackers to cause a denial of service (device crash) or possibly have other unspecified impacts. This is achieved by setting a long `sh path0` value and then sending an "appGet.cgi?hook=select list(Storage x SharedPath)" request. The `ej select list` function in `router/httpd/web.c` uses `strcpy`, which is vulnerable to this type of attack. **Recommendations** For versions through 3.0.0.4.384 32738, as a temporary workaround, consider restricting access to the `appGet.cgi` endpoint until a patch is available. Avoid using long values for the `sh path0` variable in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ASUS GT-AC5300 routers with firmware through 3.0.0.4.384 32738 **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to "start apply.htm". **Recommendations** For firmware versions through 3.0.0.4.384 32738, consider disabling access to the "start apply.htm" endpoint until a patch is available to prevent potential exploitation.