{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-11-28T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-29T15:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14698", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/", "refsource": "MISC", "url": "https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/"}, {"name": "https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/", "refsource": "CONFIRM", "url": "https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T19:34:39.866Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-14698", "datePublished": "2018-01-29T16:00:00.000Z", "dateReserved": "2017-09-22T00:00:00.000Z", "dateUpdated": "2024-08-05T19:34:39.866Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac51_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "606B05F7-7697-407B-923D-DB9125C9E9D2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac51:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAC348F1-6C46-4637-A27F-D69DD1AC77F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac52u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA9A9BD5-BCE8-4DBC-B615-AAF9CEE2C8AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac52u:-:*:*:*:*:*:*:*", "matchCriteriaId": "60CC5443-8FEE-4BDB-B775-A1C7CE0021A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac55u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB82EB29-4348-48B3-92E9-59AF27041069", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac55u:-:*:*:*:*:*:*:*", "matchCriteriaId": "84685B17-E252-4519-B857-81717DD21CE7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n55u_c1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E4F8FC8-B153-45AA-A70A-4AF23C171FB5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n55u_c1:-:*:*:*:*:*:*:*", "matchCriteriaId": "9ABC6E2A-73FE-42E1-A8D5-08B894C39AA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n55u_d1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C84C544-1C39-4936-B49C-6C01622FD620", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n55u_d1:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6AF8875-4CCB-4C9E-9056-DEC84168B762", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac56u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD2953F9-5E62-4508-9434-4A8FB1739F62", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "22236F8C-F904-447A-8E7E-C8D56D5B673F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n10_c1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "909103A0-1F5E-4587-8357-715412FFFE38", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n10_c1:-:*:*:*:*:*:*:*", "matchCriteriaId": "066A3EE0-FEDD-4D77-8B8F-914838378D4A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n12u_c1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9129F191-9999-4ECF-892F-0EA0363F79BA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n12u_c1:-:*:*:*:*:*:*:*", "matchCriteriaId": "821F157F-CFDE-4662-954F-C6B2FD53B373", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n12e_c1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6CA74206-AD82-4CA0-82EB-E2FA6854BFA7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n12e_c1:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A6C48CD-4BC0-4355-969E-1C22A58D7FDF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n14u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "292D7A66-FCE7-466D-9910-4F968E7D157A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n14u:-:*:*:*:*:*:*:*", "matchCriteriaId": "D811DE13-0D12-4CDC-B74A-B873817DC8B5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n14u-b1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E42CE2E-9357-4E54-9503-3A00ADFF279F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n14u-b1:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9A0D00F-263F-4CFF-928D-6C39FD947A6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n16_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D346B8AE-2E16-4AD8-8E32-212C206D6947", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n16:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDF90D44-4CD7-4166-A139-9F4A8D14F483", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n16u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E39DC19-6FB6-4498-9367-7856604DDD9D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n16u:-:*:*:*:*:*:*:*", "matchCriteriaId": "7227CEBF-FE58-4EB1-B679-9369DF2801A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n17u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0C9C64DD-8913-4DEC-BA85-538F2D4F5026", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n17u:-:*:*:*:*:*:*:*", "matchCriteriaId": "49D25115-DC83-4A67-8680-BC14BC40EFE6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n66u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "425A53CC-5FE1-4A5C-86E3-DF23672CFB77", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n66u:-:*:*:*:*:*:*:*", "matchCriteriaId": "B4CB16A3-1D51-4FA9-8012-4008021772E2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac750_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C429544-E8AA-44FE-8B2C-E7AE563A1435", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac750:-:*:*:*:*:*:*:*", "matchCriteriaId": "E54AD746-EEEE-4987-B343-36328D638398", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp."}, {"lang": "es", "value": "Los routers ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U y DSL-AC750 permiten que atacantes remotos cambien las contrase\u00f1as de usuarios arbitrarios mediante el par\u00e1metro http_passwd en mod_login.asp."}], "id": "CVE-2017-14698", "lastModified": "2024-11-21T03:13:20.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-01-29T16:29:00.293", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}