Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7270

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-7270
Last Modified 11 Feb 2015 11:42:06
Published 01 Feb 2015 10:59:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-7270

Summary

Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715 and earlier, RT-AC56S routers with firmware 3.0.0.4.376.3715 and earlier, RT-N66U routers with firmware 3.0.0.4.376.3715 and earlier, and RT-N56U routers with firmware 3.0.0.4.376.3715 and earlier allows remote attackers to hijack the authentication of arbitrary users.

Vulnerable Systems

Operating System

  • Asus Rt-ac56s Firmware 3.0.0.4.376.3715

  • Asus Rt-ac68u Firmware 3.0.0.4.376.3715

  • Asus Rt-ac87u Firmware 3.0.0.4.378.3754

  • Asus Rt-n56u Firmware 3.0.0.376.3715

  • Asus Rt-n56u Firmware 3.0.0.4.376.3715

  • Asus Rt-n66u Firmware 3.0.0.4.376.3715


References

CONFIRM - http://www.asus.com/jp/News/PNzPd7vkXtrKWXHR

JVNDB - JVNDB-2015-000012

JVN - JVN#32631078


Last Updated: 27 May 2016 11:07:40