Vulnerability Details CVE-2021-37316
SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to view sensitive information via /etc/shadow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2021-37316
-
cpe:2.3:h:asus:rt-ac68u:-
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.5047
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4983
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.376.3715
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.380.1031
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.32738
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.32799
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.45149
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.45708
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.45713
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.45717
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.81049
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.384.81351
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.10000
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20252
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20253
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20433
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20490
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20585
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20630
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20632
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.385.20633
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.386.40558