CVE-2019-15912
HIGH WAF: Medium
CVSS 7.5
Published: 2019-12-20
CWE-20
An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| asus | hg100_firmware | - |
| asus | mw100_firmware | - |
| asus | ws-101_firmware | - |
| asus | ts-101_firmware | - |
| asus | as-101_firmware | - |
| asus | ms-101_firmware | - |
| asus | dl-101_firmware | - |
References
- github.com (Exploit, Third Party Advisory)
- github.com (Exploit, Third Party Advisory)