nuclei-templates

Commit Graph

Author	SHA1	Message	Date
Prince Chaddha	beb11d77e3	Update CVE-2021-32030.yaml	2021-08-17 17:05:12 +05:30
GwanYeong Kim	c11328da0b	Create CVE-2021-32030.yaml The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>	2021-08-16 20:13:22 +09:00

Author

SHA1

Message

Date

Prince Chaddha

beb11d77e3

Update CVE-2021-32030.yaml

2021-08-17 17:05:12 +05:30

GwanYeong Kim

c11328da0b

Create CVE-2021-32030.yaml

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

2021-08-16 20:13:22 +09:00

2 Commits (a4def73aa817600a1279d9fe559a198edd1163eb)