Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Asus Subscribe
Filtered by product Rt-n10\+d1
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20335 1 Asus 47 Asuswrt, Gt-ac2900, Gt-ac5300 and 44 more 2020-03-24 7.8 HIGH 7.5 HIGH
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
CVE-2018-20334 1 Asus 47 Asuswrt, Gt-ac2900, Gt-ac5300 and 44 more 2020-03-23 10.0 HIGH 9.8 CRITICAL
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.
CVE-2018-20333 1 Asus 47 Asuswrt, Gt-ac2900, Gt-ac5300 and 44 more 2020-03-23 5.0 MEDIUM 7.5 HIGH
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router.
CVE-2015-1437 1 Asus 2 Rt-n10\+d1, Rt-n10\+d1 Firmware 2018-10-09 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Asus RT-N10+ D1 router with firmware 2.1.1.1.70 allow remote attackers to inject arbitrary web script or HTML via the flag parameter to (1) result_of_get_changed_status.asp or (2) error_page.htm.