Vulnerability Details CVE-2014-7270
Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allows remote attackers to hijack the authentication of arbitrary users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.4%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2014-7270
-
cpe:2.3:h:asus:rt-ac56s:-
-
cpe:2.3:h:asus:rt-ac68u:-
-
cpe:2.3:h:asus:rt-ac87u:-
-
cpe:2.3:h:asus:rt-n56u:-
-
cpe:2.3:h:asus:rt-n66u:-
-
cpe:2.3:o:asus:rt-ac56s_firmware:3.0.0.4.376.3715
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.5047
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4983
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.376.3715
-
cpe:2.3:o:asus:rt-ac87u_firmware:3.0.0.4.378.3754
-
cpe:2.3:o:asus:rt-n56u_firmware:-
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l
-
cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n
-
cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318
-
cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.334
-
cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.342
-
cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.360
-
cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.374_979
-
cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.376.3715
-
cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272
-
cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.370
-
cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.376.3715