Commit Graph

4 Commits (e96585e72f590ee1da50b5e41b42724c990c234d)

Author SHA1 Message Date
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
Prince Chaddha beb11d77e3
Update CVE-2021-32030.yaml 2021-08-17 17:05:12 +05:30
GwanYeong Kim c11328da0b Create CVE-2021-32030.yaml
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-16 20:13:22 +09:00