Vulnerability Details CVE-2018-20333
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2018-20333
-
cpe:2.3:h:asus:gt-ac2900:-
-
cpe:2.3:h:asus:gt-ac5300:-
-
cpe:2.3:h:asus:gt-ax11000:-
-
cpe:2.3:h:asus:rt-ac1200:-
-
cpe:2.3:h:asus:rt-ac1200_v2:-
-
cpe:2.3:h:asus:rt-ac1200g:-
-
cpe:2.3:h:asus:rt-ac1200ge:-
-
cpe:2.3:h:asus:rt-ac1750:-
-
cpe:2.3:h:asus:rt-ac1750_b1:-
-
cpe:2.3:h:asus:rt-ac1900p:-
-
cpe:2.3:h:asus:rt-ac3100:-
-
cpe:2.3:h:asus:rt-ac3200:-
-
cpe:2.3:h:asus:rt-ac51u:-
-
cpe:2.3:h:asus:rt-ac5300:-
-
cpe:2.3:h:asus:rt-ac55u:-
-
cpe:2.3:h:asus:rt-ac56r:-
-
cpe:2.3:h:asus:rt-ac56s:-
-
cpe:2.3:h:asus:rt-ac56u:-
-
cpe:2.3:h:asus:rt-ac66r:-
-
cpe:2.3:h:asus:rt-ac66u-b1:-
-
cpe:2.3:h:asus:rt-ac66u:-
-
cpe:2.3:h:asus:rt-ac66u_b1:-
-
cpe:2.3:h:asus:rt-ac68p:-
-
cpe:2.3:h:asus:rt-ac68u:-
-
cpe:2.3:h:asus:rt-ac86u:-
-
cpe:2.3:h:asus:rt-ac87u:-
-
cpe:2.3:h:asus:rt-ac88u:-
-
cpe:2.3:h:asus:rt-acrh12:-
-
cpe:2.3:h:asus:rt-acrh13:-
-
cpe:2.3:h:asus:rt-ax3000:-
-
cpe:2.3:h:asus:rt-ax56u:-
-
cpe:2.3:h:asus:rt-ax58u:-
-
cpe:2.3:h:asus:rt-ax88u:-
-
cpe:2.3:h:asus:rt-ax92u:-
-
cpe:2.3:h:asus:rt-g32:-
-
cpe:2.3:h:asus:rt-n10+d1:-
-
cpe:2.3:h:asus:rt-n10e:-
-
cpe:2.3:h:asus:rt-n14u:-
-
cpe:2.3:h:asus:rt-n16:-
-
cpe:2.3:h:asus:rt-n19:-
-
cpe:2.3:h:asus:rt-n56r:-
-
cpe:2.3:h:asus:rt-n56u:-
-
cpe:2.3:h:asus:rt-n600:-
-
cpe:2.3:h:asus:rt-n65u:-
-
cpe:2.3:h:asus:rt-n66r:-
-
cpe:2.3:h:asus:rt-n66u:-
-
cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308