CVE-2017-6549 Information

Feb 14, 2021 cve

Description

Session hijack vulnerability in httpd on ASUS RT-N56U RT-N66U RT-AC66U RT-N66R RT-AC66R RT-AC68U RT-AC68R RT-N66W RT-AC66W RT-AC87R RT-AC87U RT-AC51U RT-AC68P RT-N11P RT-N12+ RT-N12E B1 RT-AC3200 RT-AC53U RT-AC1750 RT-AC1900P RT-N300 and RT-AC750 routers with firmware before 3.0.0.4.380.7378; RT-AC68W routers with firmware before 3.0.0.4.380.7266; and RT-N600 RT-N12+ B1 RT-N11P B1 RT-N12VP B1 RT-N12E C1 RT-N300 B1 and RT-N12+ Pro routers with firmware before 3.0.0.4.380.9488; and Asuswrt-Merlin firmware before 380.65_2 allows remote attackers to steal any active admin session by sending cgi_logout and asusrouter-Windows-IFTTT-1.0 in certain HTTP headers.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/96938 https://asuswrt.lostrealm.ca/changelog https://bierbaumer.net/security/asuswrt/session-stealing https://www.exploit-db.com/exploits/41572/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8

Share on: