Shodan
Vulnerabilities
Vulnerable Software
Asus:  >> Rt-Ac1750  Security Vulnerabilities
CVE-2021-43702
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
CVSS Score
9.0
EPSS Score
0.003
Published
2022-07-05
CVE-2018-20333
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-03-20
CVE-2018-20334
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
CVSS Score
9.8
EPSS Score
0.068
Published
2020-03-20
CVE-2018-20335
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-03-20
CVE-2018-8826
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.058
Published
2018-04-20
CVE-2017-5891
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-05-10
CVE-2017-5892
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-05-10
CVE-2017-8877
ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-05-10
CVE-2017-8878
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-05-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved