CVE-2016-6557

UNKNOWN

Published 2018-07-13T20:00:00

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2016-6557. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

ASUS

RP-AC52 Access Point

Affected Versions:

1.0.1.1s

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-74gx-pmhr-4vmq

Advisory Details

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-6557

WEB https://www.kb.cert.org/vuls/id/763843

WEB https://www.securityfocus.com/bid/93596

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://www.securityfocus.com/bid/93596

https://www.kb.cert.org/vuls/id/763843

Published: 2018-07-13T20:00:00

Last Modified: 2024-08-06T01:36:28.591Z

Copied to clipboard!

CVE-2016-6557

Expert Analysis

Description

Available Exploits

Related News

Affected Products

RP-AC52 Access Point

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!