CVE-2016-6557

CVE-2016-6557

In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.

Source: CVE-2016-6557

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다