Strike ID:
E19-5xoq1
CVSS:
8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)
False Positive:
t
Variants:
2
Year:
2019

Description

This strike simulates an OS command injection attack via a CSRF present in ASUS RT-N10+, with firmware version 2.0.3.4 By enticing an administrator user to open a crafted attachment or by performing a WIFI attack such as EvilTwin, an attacker may execute arbitrary command on the target device.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}