CVE-2017-8877
MEDIUM EXPLOITED IN THE WILDASUS RT-AC*-RT-N* <3.0.0.4.380.7378 - Info Disclosure
Title source: llmExploitation Summary
CVE-2017-8877 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://wwws.nightwatchcybersecurity.com/2017/05/09/multiple-vulnerabilities-in-asus-routers/
Scores
CVSS v3
6.5
EPSS
0.0026
EPSS Percentile
49.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
VulnCheck KEV
2018-07-13
InTheWild.io
2018-07-01
CWE
CWE-200
Status
published
Products (1)
asus/rt-ac1750_firmware
3.0.0.4.380.7266
Published
May 10, 2017
Tracked Since
Feb 18, 2026