Cross-Site Scripting Vulnerabilities in ASUS RT-G32 Routers
CVE-2015-2681
Currently unrated
What is CVE-2015-2681?
Multiple cross-site scripting (XSS) vulnerabilities exist within the ASUS RT-G32 routers, specifically in firmware versions 2.0.2.6 and 2.0.3.2. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML through specific parameters in requests to start_apply.htm. Exploiting these vulnerabilities could potentially lead to unauthorized actions and compromise user security, emphasizing the importance of applying necessary patches and updates to mitigate risks.