Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
ASUS RT-N66U Router - HTTPS Directory traversal and full file access and credential disclosure vuln
Jun 22 2013 02:34PM
kyle Lovett (krlovett gmail com)
Vulnerable product: ASUS RT-N66U when HTTPS WebService via AiCloud is enabled
(AC66R and RT-N65U are effected as well, but need more testing)
- Linux 2.6.22 - Researched on both 22.214.171.124.270 and 126.96.36.199.354 firmware
- Full directory traversal and plain text disclosure of all sensiti...
[ more ]
Copyright 2010, SecurityFocus