CVE-2019-15911

CRITICAL

ASUS - Info Disclosure

Title source: llm

Description

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages.

Exploits (1)

github WRITEUP 9 stars

by chengcheng227 · poc

https://github.com/chengcheng227/CVE-POC/tree/master/CVE-2019-15911.md

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory] https://github.com/chengcheng227/CVE-POC/blob/master/CVE-2019-15911.md

View Exploit ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.0067

EPSS Percentile 71.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-319

Status published

Products (7)

asus/as-101_firmware

asus/dl-101_firmware

asus/hg100_firmware

asus/ms-101_firmware

asus/mw100_firmware

asus/ts-101_firmware

asus/ws-101_firmware

Published Dec 20, 2019

Tracked Since Feb 18, 2026