Summary
The remote Asus router is prone to a directory traversal vulnerability.
Impact
Disclosure of cleartext passwords.
Solution
Turn off the AiCloud service.
Affected
Vulnerable Asus Models
RT-AC66R Dual-Band Wireless-AC1750 Gigabit Router
RT-AC66U Dual-Band Wireless-AC1750 Gigabit Router
RT-N66R Dual-Band Wireless-N900 Gigabit Router with 4-Port Ethernet Switch
RT-N66U Dual-Band Wireless-N900 Gigabit Router
RT-AC56U Dual-Band Wireless-AC1200 Gigabit Router
RT-N56R Dual-Band Wireless-AC1200 Gigabit Router
RT-N56U Dual-Band Wireless-AC1200 Gigabit Router
RT-N14U Wireless-N300 Cloud Router
RT-N16 Wireless-N300 Gigabit Router
RT-N16R Wireless-N300 Gigabit Router
Detection
Try to read /etc/shadow.
References
Updated on 2017-03-28
Severity
Classification
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N