ASUS RT-N56U Wireless Router 'QIS_wizard.htm' Password Information Disclosure Vulnerability Network Vulnerability

Summary

ASUS RT-N56U wireless router is prone to an information-disclosure vulnerability that exposes sensitive information. Successful exploits will allow unauthenticated attackers to obtain sensitive information of the device such as administrative password, which may aid in further attacks. ASUS RT-N56U firmware version 1.0.1.4 is vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://www.asus.com/
http://www.asus.com/Networks/Wireless_Routers/RTN56U/
http://www.kb.cert.org/vuls/id/200814
http://www.securityfocus.com/bid/49308

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4497

CVSS	Base Score: 3.3 AV:A/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

ASUS RT-N56U Wireless Router 'QIS_wizard.htm' Password Information Disclosure Vulnerability
Apache Tomcat mod_jk Information Disclosure Vulnerability
net2ftp Multiple Cross-Site Scripting Vulnerabilities
Mantis 'manage_proj_cat_add.php' HTML Injection Vulnerability
OpenEMR Multiple Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities