CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17023

Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2018-17023

Asus » Gt-Ac5300 » Version: N/A

cpe:2.3:h:asus:gt-ac5300:-
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384.21140

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384.21140
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384.32738

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384.32738
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384.32799

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384.32799
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384.45149

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384.45149
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384.45713

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384.45713
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384.45717

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384.45717
Asus » Gt-Ac5300 Firmware » Version: 3.0.0.4.384_32738

cpe:2.3:o:asus:gt-ac5300_firmware:3.0.0.4.384_32738

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17023

Products

Pricing

Contact Us