CVE-2020-29656

Name of the Vulnerable Software and Affected Versions RT-AC88U Download Master version 3.1.0.107 and earlier

Description An information disclosure issue exists, allowing direct access to "/downloadmaster/dm apply.cgi?action mode=initial&download type=General&special cgi=get language" which can reach unknown functionality in an easy manner via a public exploit.

Recommendations For RT-AC88U Download Master version 3.1.0.107 and earlier, update to version 3.1.0.108 or later to resolve the issue. As a temporary workaround, consider restricting access to the /downloadmaster/dm apply.cgi endpoint until a patch is applied.