Researchers have discovered a persistent Cross-Site Scripting (XSS) vulnerability in multiple Asus routers. ASUSTeK Computer Incorporated (Asus) designs and manufactures a series of network routers and is a highly rated router brand. The discovered vulnerability could allow an authenticated, remote attacker to conduct an XSS attack when a user attempts to change the name of network equipment that has been injected with JavaScript code.

Mitigation:

The IPS signature which covers this specific vulnerability:

Asus.Router.Web.Management.Page.XSS

Affected Asus router models:

RT-AC66U,  RT-AC58U,  RT-AC54U,  RT-AC51U,  RT-AC1200HP,  RT-ACRH13,  RT-N66U,  RT-N12 D1 and RT-N12HP B1

Asus released a patch for the vulnerability on 21 May 2018. Released on 29 May 2018. Users should apply the solution provided by Asus.

References

https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS/

https://www.asus.com/Networking/RT-AC58U/HelpDesk_BIOS/

https://www.asus.com/Networking/RTAC54U/HelpDesk_BIOS/

https://www.asus.com/Networking/RTAC51U/HelpDesk_BIOS/

https://www.asus.com/Networking/RTAC1200HP/HelpDesk_BIOS/

https://www.asus.com/Networking/RTN66U/HelpDesk_BIOS/

https://www.asus.com/Networking/RTN12_D1/HelpDesk_BIOS/

https://www.asus.com/Networking/RTN12HP_B1/HelpDesk_BIOS/

Mitre/CVE:

CVE-2018-13154

This report is being provided as a warning for our Wapack Labs Small Business Alliance, in order to help better protect your networks. 

Source: Fortinet.com
