CSRF Vulnerability in ASUS RT-G32 Routers
CVE-2015-2676

Currently unrated

Key Information:

Vendor: Asus
Status: Rt-g32 Firmware
Vendor: CVE Published:; 23 March 2015

What is CVE-2015-2676?

A cross-site request forgery (CSRF) vulnerability exists in ASUS RT-G32 routers running specific firmware versions. This flaw enables remote attackers to hijack administrative authentication, allowing unauthorized changes, such as altering the administrator password through deceptive requests directed at the router's web interface.

References

http://seclists.org/fulldisclosure/2015/Mar/42

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/bid/73294

vdb-entryx_refsource_BID

http://packetstormsecurity.com/files/130724/ASUS-RT-G32-C...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 23, 2015
Vulnerability Reserved
Mar 23, 2015

Asus

What is CVE-2015-2676?

References

Timeline