CVE-2020-23648

7.5HIGH

Key Information

Vendor: Asus
Status: Rt-n12e Firmware
Vendor: CVE Published:; 19 October 2022

Summary

Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / start_apply.htm, an attacker can change the administrator password without any authentication.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 19, 2022
Vulnerability Reserved.
Aug 13, 2020

Collectors

NVD DatabaseMitre Database