PT-2015-3920 · Asus · Asus Rt-Ac56S+4
Publicado
2015-02-01
·
Atualizado
2015-02-04
·
CVE-2014-7269
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
ASUS RT-AC87U routers versions 3.0.0.4.378.3754 and earlier
ASUS RT-AC68U routers versions 3.0.0.4.376.3715 and earlier
ASUS RT-AC56S routers versions 3.0.0.4.376.3715 and earlier
ASUS RT-N66U routers versions 3.0.0.4.376.3715 and earlier
ASUS RT-N56U routers versions 3.0.0.4.376.3715 and earlier
Description
The issue allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Recommendations
For ASUS RT-AC87U routers versions 3.0.0.4.378.3754 and earlier, update the firmware to a version later than 3.0.0.4.378.3754.
For ASUS RT-AC68U routers versions 3.0.0.4.376.3715 and earlier, update the firmware to a version later than 3.0.0.4.376.3715.
For ASUS RT-AC56S routers versions 3.0.0.4.376.3715 and earlier, update the firmware to a version later than 3.0.0.4.376.3715.
For ASUS RT-N66U routers versions 3.0.0.4.376.3715 and earlier, update the firmware to a version later than 3.0.0.4.376.3715.
For ASUS RT-N56U routers versions 3.0.0.4.376.3715 and earlier, update the firmware to a version later than 3.0.0.4.376.3715.
Correção
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Asus Rt-Ac56S
Asus Rt-Ac68U
Asus Rt-Ac87U
Asus Rt-N56U
Asus Rt-N66U