ASUS RT-AC68U firmware 3.0.0.4.374_4983

CPE Details

ASUS RT-AC68U firmware 3.0.0.4.374_4983
3.0.0.4.374_4983
2014-04-22
17h27 +00:00
2014-04-30
23h36 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4983:*:*:*:*:*:*:*

Informations

Vendor

asus

Product

rt-ac68u_firmware

Version

3.0.0.4.374_4983

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-37315 2023-02-03 00h00 +00:00 Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the source for COPY and MOVE operations.
9.1
Critical
CVE-2021-37316 2023-02-03 00h00 +00:00 SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to view sensitive information via /etc/shadow.
7.5
High
CVE-2021-37317 2023-02-03 00h00 +00:00 Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations.
9.1
Critical
CVE-2021-45757 2022-03-23 09h55 +00:00 ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).
7.5
High
CVE-2021-45756 2022-03-23 09h49 +00:00 Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
9.8
Critical
CVE-2021-3128 2021-04-12 15h41 +00:00 In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
7.5
High
CVE-2018-0582 2018-05-14 11h00 +00:00 Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
6.1
Medium
CVE-2018-9285 2018-04-04 17h00 +00:00 Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
9.8
Critical
CVE-2014-7269 2015-02-01 14h00 +00:00 ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
6.5
CVE-2014-7270 2015-02-01 14h00 +00:00 Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allows remote attackers to hijack the authentication of arbitrary users.
6.8
CVE-2014-2925 2014-04-21 12h00 +00:00 Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote attackers to inject arbitrary web script or HTML via the current_page parameter to apply.cgi.
4.3