Asus: >> Rt-Ac3200 Firmware >> 3.0.0.4.382.50010 Security Vulnerabilities
Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-05-13
Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-05-13
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter.
CVSS Score
8.1
EPSS Score
0.007
Published
2019-05-13
System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.
CVSS Score
9.8
EPSS Score
0.619
Published
2019-05-13
Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the "hook" URL parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-05-13