CPE Details
ASUS RT-AC3200 Firmware 3.0.0.4.382.50010
3.0.0.4.382.50010
2020-03-25
17h57 +00:00
17h57 +00:00
2020-03-25
17h57 +00:00
17h57 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:asus:rt-ac3200_firmware:3.0.0.4.382.50010:*:*:*:*:*:*:*
Informations
Vendor
asusProduct
rt-ac3200_firmwareVersion
3.0.0.4.382.50010Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter. | 9.8 |
Critical |
||
| Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter. | 8.1 |
High |
||
| Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter. | 6.5 |
Medium |
||
| Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs. | 6.5 |
Medium |
||
| Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the "hook" URL parameter. | 6.1 |
Medium |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.