Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-6547

CWE-79 — Cross-site Scripting (XSS)4 documents4 sources
Severity
6.1MEDIUM
EPSS
1.0%
top 22.54%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Asus Rt-ac53 Firmware
Timeline
PublishedMar 9
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before 3.0.0.4.380.7378; RT-AC68W routers with firmware before 3.0.0.4.380.7266; and RT-N600, RT-N12+ B1, RT-N11P B1, RT-N12VP B1, RT-N12E C1, RT-N300 B1, and RT-N12+ Pro routers with firmware befor…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

â–¶NVDasus/rt-ac53_firmware3.0.0.4.380.6038

🔴Vulnerability Details

2
GHSA
GHSA-pvx8-88xj-9px8: Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC8↗2022-05-17
â–¶
CVEList
CVE-2017-6547: Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC8↗2017-03-09
â–¶

💥Exploits & PoCs

1
Exploit-DB
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Cross-Site Scripting↗2017-03-08
â–¶
CVE-2017-6547 (MEDIUM CVSS 6.1) | Cross-site scripting (XSS) vulnerab | cvebase.io