Asus rt-ac68u port 443 VULNERABLE: http-method-tamper

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

brumac

Occasional Visitor
I have tested my asus rt-ac68u vulnerabilities with zANTI = android version of nmap to run vulnerability scans.
The test reported vulnerabilities to me:

443 tcp open https syn-ack

http-method-tamper VULNERABLE:
Authentication bypass by HTTP verb tampering
State: VULNERABLE (Exploitable)
This web server contains password protected resources vulnerable to authentication bypass
vulnerabilities via HTTP verb tampering. This is often found in web servers that only limit access to the
common HTTP methods and in misconfigured .htaccess files.
I am not security expert and I ask you more experts if you can fix this vulnerability?
The router firmware is always updated to the latest version (currently ASUSWRT-MERLIN 386.2_6)
Thanks!
 

ColinTaylor

Part of the Furniture

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top