Cross-Site Request Forgery Vulnerability in ASUS Routers
CVE-2014-7270

Currently unrated

Key Information:

Vendor: Asus
Status: Rt-n66u Firmware; Rt-n66u
Vendor: CVE Published:; 1 February 2015

What is CVE-2014-7270?

A cross-site request forgery (CSRF) vulnerability exists in certain ASUS JAPAN router models, enabling attackers to hijack the authentication of any user. This vulnerability affects several router models, including the RT-AC87U, RT-AC68U, RT-AC56S, RT-N66U, and RT-N56U. If exploited, it can allow unauthorized remote access to user sessions, posing significant security risks. Users are advised to update their router firmware to the latest versions to mitigate this risk.

References

http://jvn.jp/en/jp/JVN32631078/index.html

third-party-advisoryx_refsource_JVN

http://jvndb.jvn.jp/jvndb/JVNDB-2015-000012

third-party-advisoryx_refsource_JVNDB

http://www.asus.com/jp/News/PNzPd7vkXtrKWXHR

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2015
Vulnerability Reserved
Sep 30, 2014

Asus

What is CVE-2014-7270?

References

Timeline