Summary
The host is running ASUS Router and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site and also can conduct phishing attacks.
Impact Level: Application
Solution
No Solution is available as of 26th February, 2014.Information regarding this issue will be updated once the solution details are available. For more information refer to http://www.asus.com/Networking/RTN56U
Insight
- The error page is accessible without authentication. This allows the attacker to bypass same-origin policy restrictions enforced by XMLHttpRequest.
- The router error page 'error_page.htm' includes the current administrative password in clear text.
Affected
ASUS RT-N16
ASUS RT-N10U, firmware 3.0.0.4.374_168
ASUS RT-N56U, firmware 3.0.0.4.374_979
ASUS DSL-N55U, firmware 3.0.0.4.374_1397
ASUS RT-AC66U, firmware 3.0.0.4.374_2050
ASUS RT-N15U, firmware 3.0.0.4.374_16
ASUS RT-N53, firmware 3.0.0.4.374_311
Detection
Send a crafted exploit string via HTTP GET request and check whether it is possible to read cookie or not.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2015-1437 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- Apache Tomcat Multiple Vulnerabilities June-09
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities