ASUS RT-N66U Firmware version 3.0.0.4.380.8228
- Fixed information disclosure vulnerability. Thanks to Haitan Xiang and Fand Wang.
- Fixed CVE-2018-5721 Stack-base buffer overflow vulnerability
- Fixed CVE-2018-8826 remote code code execution vulnerability. Thanks to Chris Wood.
- Fixed CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
- Fixed remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704: Bug collision
- Fixed AiCloud 2.0 Reflected XSS Vulnerability. Thanks to Guy Arazi and Niv Levi contribution.
Thanks to Guy Arazi for following vulnerabilities.
- AiCloud 2.0 Stored XSS Share link manager.
- AiCloud 2.0 Reflected XSS - "share a link"
- Download Master HTTP service DoS vulnerability.
- Download Master Reflected XSS Main login.
- Fixed information disclosure vulnerability. Thanks to Haitan Xiang and Fand Wang.
- Fixed CVE-2018-5721 Stack-base buffer overflow vulnerability
- Fixed CVE-2018-8826 remote code code execution vulnerability. Thanks to Chris Wood.
- Fixed CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
- Fixed remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704: Bug collision
- Fixed AiCloud 2.0 Reflected XSS Vulnerability. Thanks to Guy Arazi and Niv Levi contribution.
Thanks to Guy Arazi for following vulnerabilities.
- AiCloud 2.0 Stored XSS Share link manager.
- AiCloud 2.0 Reflected XSS - "share a link"
- Download Master HTTP service DoS vulnerability.
- Download Master Reflected XSS Main login.