CVE-2017-5632 — MEDIUM (6.5)

Vulnerability Description

An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374_979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service (DoS). The attack is only possible from within the local area network.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Asus	Rt-N56U Firmware	3.0.0.4.374_979
Asus	Rt-N56U	-

References

http://www.securityfocus.com/bid/95857Third Party AdvisoryVDB Entry
https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/Vendor Advisory
http://www.securityfocus.com/bid/95857Third Party AdvisoryVDB Entry
https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/Vendor Advisory

FAQ

What is CVE-2017-5632?

CVE-2017-5632 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374_979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the dev...

How severe is CVE-2017-5632?

CVE-2017-5632 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-5632?

Check the references section above for vendor advisories and patch information. Affected products include: Asus Rt-N56U Firmware, Asus Rt-N56U.