Buffer Overflow Vulnerabilities in Asuswrt HTTPd Server by Asus
CVE-2017-15655
9.6CRITICAL
Summary
Multiple buffer overflow vulnerabilities in the HTTPd server of Asus routers running Asuswrt versions up to 3.0.0.4.376.X can lead to remote code execution with administrator privileges. This issue arises when the administrator interacts with certain pages. Although they have been addressed in subsequent releases, older models and those at end-of-life status remain exposed, posing significant risk to network security.
References
CVSS V3.1
Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved