Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.
Advisories
Source ID Title
EUVD EUVD EUVD-2018-20485 Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_page.htm page.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T07:10:47.068Z

Reserved: 2018-03-20T00:00:00

Link: CVE-2018-8877

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-27T22:15:13.567

Modified: 2024-11-21T04:14:30.597

Link: CVE-2018-8877

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.