CVE-2018-14713

HIGH

ASUS RT-AC3200 <3.0.0.4.382.50010 - Memory Corruption

Title source: llm

Description

Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter.

References (1)

[Exploit, Third Party Advisory] https://blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c8eb8

Scores

CVSS v3 8.1

EPSS 0.0111

EPSS Percentile 78.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-134

Status published

Products (1)

asus/rt-ac3200_firmware 3.0.0.4.382.50010

Published May 13, 2019

Tracked Since Feb 18, 2026