CVE-2019-15910
HIGH WAF: Medium
CVSS 7.5
Published: 2019-12-20
CWE-20
An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| asus | hg100_firmware | - |
| asus | mw100_firmware | - |
| asus | ws-101_firmware | - |
| asus | ts-101_firmware | - |
| asus | as-101_firmware | - |
| asus | ms-101_firmware | - |
| asus | dl-101_firmware | - |
References
- github.com (Exploit, Third Party Advisory)