CVE-2017-14699
N/A
N/A
Summary
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote authenticated users to read arbitrary files via a crafted DTD in (1) an UPDATEACCOUNT or (2) a PROPFIND request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/
- https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/
References
- https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/
- https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.