CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-20336

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://starlabs.sg/advisories/18-20336/
https://www.asus.com/Networking/RT-AC1200G-plus/HelpDesk_BIOS/
https://starlabs.sg/advisories/18-20336/
https://www.asus.com/Networking/RT-AC1200G-plus/HelpDesk_BIOS/

Products affected by CVE-2018-20336

Asus » Rt-Ac68u » Version: N/A

cpe:2.3:h:asus:rt-ac68u:-
Asus » Asuswrt-Merlin » Version: 3.0.0.4.384.20308

cpe:2.3:o:asus:asuswrt-merlin:3.0.0.4.384.20308

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20336

Products

Pricing

Contact Us