Filtered by vendor Asus
Subscribe
Total
268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14993 | 1 Asus | 4 Zenfone 3 Max, Zenfone 3 Max Firmware, Zenfone V Live and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The ASUS Zenfone V Live Android device with a build fingerprint of asus/VZW_ASUS_A009/ASUS_A009:7.1.1/NMF26F/14.0610.1802.78-20180313:user/release-keys and the Asus ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys both contain a pre-installed platform app with a package name of com.asus.splendidcommandagent (versionCode=1510200090, versionName=1.2.0.18_160928) that contains an exported service named com.asus.splendidcommandagent.SplendidCommandAgentService that allows any app co-located on the device to supply arbitrary commands to be executed as the system user. This app cannot be disabled by the user and the attack can be performed by a zero-permission app. Executing commands as system user can allow a third-party app to video record the user's screen, factory reset the device, obtain the user's notifications, read the logcat logs, inject events in the Graphical User Interface (GUI), change the default Input Method Editor (IME) (e.g., keyboard) with one contained within the attacking app that contains keylogging functionality, obtain the user's text messages, and more. | |||||
| CVE-2018-14992 | 1 Asus | 2 Zenfone 3 Max, Zenfone 3 Max Firmware | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm (versionCode=1510500200, versionName=1.5.0.40_171122) has an exposed interface in an exported service named com.asus.dm.installer.DMInstallerService that allows any app co-located on the device to use its capabilities to download an arbitrary app over the internet and install it. Any app on the device can send an intent with specific embedded data that will cause the com.asus.dm app to programmatically download and install the app. For the app to be downloaded and installed, certain data needs to be provided: download URL, package name, version name from the app's AndroidManifest.xml file, and the MD5 hash of the app. Moreover, any app that is installed using this method can also be programmatically uninstalled using the same unprotected component named com.asus.dm.installer.DMInstallerService. | |||||
| CVE-2018-14980 | 1 Asus | 2 Zenfone 3 Max, Zenfone 3 Max Firmware | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by ASUS or another entity in the supply chain. The system_server process in the core android package has an exported broadcast receiver that allows any app co-located on the device to programmatically initiate the taking of a screenshot and have the resulting screenshot be written to external storage (i.e., sdcard). The taking of a screenshot is not transparent to the user; the device has a screen animation as the screenshot is taken and there is a notification indicating that a screenshot occurred. If the attacking app also requests the EXPAND_STATUS_BAR permission, it can wake the device up using certain techniques and expand the status bar to take a screenshot of the user's notifications even if the device has an active screen lock. The notifications may contain sensitive data such as text messages used in two-factor authentication. The system_server process that provides this capability cannot be disabled, as it is part of the Android framework. The notification can be removed by a local Denial of Service (DoS) attack to reboot the device. | |||||
| CVE-2018-14979 | 1 Asus | 2 Zenfone 3 Max, Zenfone 3 Max Firmware | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed app with a package name of com.asus.loguploader (versionCode=1570000275, versionName=7.0.0.55_170515). This app contains an exported service app component named com.asus.loguploader.LogUploaderService that, when accessed with a particular action string, will write a bugreport (kernel log, logcat log, and the state of system services including the text of active notifications), Wi-Fi Passwords, and other system data to external storage (sdcard). Any app with the READ_EXTERNAL_STORAGE permission on this device can read this data from the sdcard after it has been dumped there by the com.asus.loguploader. Third-party apps are not allowed to directly create a bugreport or access the user's stored wireless network credentials. | |||||
| CVE-2018-14714 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter. | |||||
| CVE-2018-14713 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter. | |||||
| CVE-2018-14712 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Buffer overflow in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to inject system commands via the "hook" URL parameter. | |||||
| CVE-2018-14711 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs. | |||||
| CVE-2018-14710 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute JavaScript via the "hook" URL parameter. | |||||
| CVE-2018-11492 | 1 Asus | 2 Hg100, Hg100 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| ASUS HG100 devices allow denial of service via an IPv4 packet flood. | |||||
| CVE-2018-11491 | 1 Asus | 2 Hg100, Hg100 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. | |||||
| CVE-2018-0647 | 1 Asus | 2 Wl-330nul, Wl-330nul Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2018-0583 | 1 Asus | 2 Rt-ac1200hp, Rt-ac1200hp Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0582 | 1 Asus | 2 Rt-ac68u, Rt-ac68u Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0581 | 1 Asus | 2 Rt-ac87u, Rt-ac87u Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2017-17945 | 1 Asus | 2 Hivivo, Vivobaby | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. | |||||
| CVE-2017-17944 | 1 Asus | 2 Hivivo, Vivobaby | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. | |||||
| CVE-2017-15656 | 1 Asus | 1 Asuswrt | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. | |||||
| CVE-2017-15655 | 1 Asus | 1 Asuswrt | 2024-11-21 | 9.3 HIGH | 9.6 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages. | |||||
| CVE-2017-15654 | 1 Asus | 1 Asuswrt | 2024-11-21 | 7.6 HIGH | 8.3 HIGH |
| Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access. | |||||