CVE-2011-4497

ASUS RT-N56U Firmware < 1.0.1.4 - Unauthenticated Administrator Password Exposure via QIS_wizard.htm

Title source: llm

Description

QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4o allows remote attackers to obtain the administrator password via a flag=detect request.

References (1)

Core 1

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/200814

Scores

EPSS 0.0016

EPSS Percentile 37.1%

Details

CWE

CWE-200

Status published

Products (5)

asus/rt-n56u

asus/rt-n56u_firmware 1.0.0.9

asus/rt-n56u_firmware 1.0.1.2

asus/rt-n56u_firmware 1.0.1.3

asus/rt-n56u_firmware < 1.0.1.4

Published Nov 21, 2011

Tracked Since Feb 18, 2026