I have tested my asus rt-ac68u vulnerabilities with zANTI = android version of nmap to run vulnerability scans.
The test reported vulnerabilities to me:
443 tcp open https syn-ack
http-method-tamper VULNERABLE:
Authentication bypass by HTTP verb tampering
State: VULNERABLE (Exploitable)
This web server contains password protected resources vulnerable to authentication bypass
vulnerabilities via HTTP verb tampering. This is often found in web servers that only limit access to the
common HTTP methods and in misconfigured .htaccess files.
I am not security expert and I ask you more experts if you can fix this vulnerability?
The router firmware is always updated to the latest version (currently ASUSWRT-MERLIN 386.2_6)
Thanks!
The test reported vulnerabilities to me:
443 tcp open https syn-ack
http-method-tamper VULNERABLE:
Authentication bypass by HTTP verb tampering
State: VULNERABLE (Exploitable)
This web server contains password protected resources vulnerable to authentication bypass
vulnerabilities via HTTP verb tampering. This is often found in web servers that only limit access to the
common HTTP methods and in misconfigured .htaccess files.
I am not security expert and I ask you more experts if you can fix this vulnerability?
The router firmware is always updated to the latest version (currently ASUSWRT-MERLIN 386.2_6)
Thanks!