CVE-2018-20335

Name of the Vulnerable Software and Affected Versions: ASUSWRT version 3.0.0.4.384.20308

Description: An issue was discovered that allows an unauthenticated user to trigger a denial of service (DoS) of the httpd service. This can be achieved via the "/APP Installation.asp?" API endpoint.

Recommendations: For ASUSWRT version 3.0.0.4.384.20308, as a temporary workaround, consider restricting access to the "/APP Installation.asp?" API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.