What's new

Asus rt-ac68u port 443 VULNERABLE: http-method-tamper

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

brumac

Occasional Visitor
I have tested my asus rt-ac68u vulnerabilities with zANTI = android version of nmap to run vulnerability scans.
The test reported vulnerabilities to me:

443 tcp open https syn-ack

http-method-tamper VULNERABLE:
Authentication bypass by HTTP verb tampering
State: VULNERABLE (Exploitable)
This web server contains password protected resources vulnerable to authentication bypass
vulnerabilities via HTTP verb tampering. This is often found in web servers that only limit access to the
common HTTP methods and in misconfigured .htaccess files.
I am not security expert and I ask you more experts if you can fix this vulnerability?
The router firmware is always updated to the latest version (currently ASUSWRT-MERLIN 386.2_6)
Thanks!
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top