CVE-2020-15498

CVE-2020-15498

An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the –no-check-certificate option passed to wget tool used to download firmware update files.

Source: CVE-2020-15498