PT-2019-12157 · Asus · Asus Hg100

Published

2019-08-29

Updated

2020-10-02

CVE-2019-11060

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ASUS HG100 firmware versions up to 1.05.12

Description The issue concerns a Slowloris HTTP Denial of Service, where an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time, impacting the availability of the system.

Recommendations For ASUS HG100 firmware versions up to 1.05.12, update to a version later than 1.05.12 to resolve the issue. As a temporary workaround, consider restricting access to Port 8080 to minimize the risk of exploitation.

Fix

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400

Related Identifiers

CVE-2019-11060

Affected Products

Asus Hg100

PT-2019-12157 · Asus · Asus Hg100

CVE-2019-11060

Weakness Enumeration

Related Identifiers

Affected Products

References · 5