An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
References
Link | Resource |
---|---|
https://starlabs.sg/advisories/18-20333/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-03-19 18:15
Updated : 2020-03-23 14:51
NVD link : CVE-2018-20333
Mitre link : CVE-2018-20333
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
asus
- rt-ac55u
- rt-n14u
- rt-n56r
- rt-ax92u
- rt-ac87u
- rt-n65u
- rt-ac3100
- rt-ac1750
- rt-ac1200_v2
- rt-n16
- rt-ac51u
- rt-ac56r
- rt-ac56s
- rt-acrh13
- rt-ac1750_b1
- rt-n66u
- rt-ac86u
- rt-ac3200
- rt-n10e
- rt-ac1200ge
- rt-g32
- rt-ac68p
- gt-ax11000
- rt-ac56u
- rt-n56u
- rt-ax58u
- rt-ac1200
- rt-ax88u
- rt-ac1900p
- rt-ac66r
- rt-ac66u-b1
- rt-n66r
- rt-ac5300
- rt-n19
- rt-n600
- rt-ac66u
- rt-ac88u
- rt-acrh12
- rt-ax3000
- rt-ax56u
- gt-ac5300
- rt-ac1200g
- asuswrt
- rt-ac68u
- gt-ac2900
- rt-ac66u_b1
- rt-n10\+d1