CVE-2018-14713

Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
asusrt-ac3200_firmware
3.0.0.4.382.50010
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8
https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8