Vulnerability Details CVE-2017-14698
ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
Products affected by CVE-2017-14698
-
cpe:2.3:h:asus:dsl-ac51:-
-
cpe:2.3:h:asus:dsl-ac52u:-
-
cpe:2.3:h:asus:dsl-ac55u:-
-
cpe:2.3:h:asus:dsl-ac56u:-
-
cpe:2.3:h:asus:dsl-ac750:-
-
cpe:2.3:h:asus:dsl-n10_c1:-
-
cpe:2.3:h:asus:dsl-n12e_c1:-
-
cpe:2.3:h:asus:dsl-n12u_c1:-
-
cpe:2.3:h:asus:dsl-n14u-b1:-
-
cpe:2.3:h:asus:dsl-n14u:-
-
-
cpe:2.3:h:asus:dsl-n16u:-
-
cpe:2.3:h:asus:dsl-n17u:-
-
cpe:2.3:h:asus:dsl-n55u_c1:-
-
cpe:2.3:h:asus:dsl-n55u_d1:-
-
cpe:2.3:h:asus:dsl-n66u:-
-
cpe:2.3:o:asus:dsl-ac51_firmware:-
-
cpe:2.3:o:asus:dsl-ac52u_firmware:-
-
cpe:2.3:o:asus:dsl-ac55u_firmware:-
-
cpe:2.3:o:asus:dsl-ac56u_firmware:-
-
cpe:2.3:o:asus:dsl-ac750_firmware:-
-
cpe:2.3:o:asus:dsl-n10_c1_firmware:-
-
cpe:2.3:o:asus:dsl-n12e_c1_firmware:-
-
cpe:2.3:o:asus:dsl-n12u_c1_firmware:-
-
cpe:2.3:o:asus:dsl-n14u-b1_firmware:-
-
cpe:2.3:o:asus:dsl-n14u_firmware:-
-
cpe:2.3:o:asus:dsl-n16_firmware:-
-
cpe:2.3:o:asus:dsl-n16u_firmware:-
-
cpe:2.3:o:asus:dsl-n17u_firmware:-
-
cpe:2.3:o:asus:dsl-n55u_c1_firmware:-
-
cpe:2.3:o:asus:dsl-n55u_d1_firmware:-
-
cpe:2.3:o:asus:dsl-n66u_firmware:-