cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15912,https://securityvulnerability.io/vulnerability/CVE-2019-15912,Denial of Service Vulnerability in ASUS ZigBee Devices,"ASUS ZigBee PRO devices, including the HG100, MW100, WS-101, TS-101, AS-101, MS-101, and DL-101, are susceptible to a denial of service vulnerability. This flaw arises from the ZigBee trust center rejoin procedure, which attackers can exploit to launch multiple denial of service attacks, disrupting the normal operation of affected devices and compromising network security.",Asus,Hg100 Firmware,7.5,HIGH,0.00171999994199723,false,,false,false,false,,,false,false,,2019-12-20T16:03:50.000Z,0
CVE-2019-15911,https://securityvulnerability.io/vulnerability/CVE-2019-15911,Insecure Key Transport in ASUS Devices Using ZigBee PRO Protocol,"A vulnerability affecting various ASUS devices using the ZigBee PRO protocol allows attackers to exploit insecure key transport methods. This can lead to sensitive data exposure, unauthorized access to smart home devices, message tampering, and potential denial of service attacks. Users of these devices should implement security measures to mitigate risks associated with this vulnerability.",Asus,Hg100 Firmware,9.8,CRITICAL,0.004310000222176313,false,,false,false,false,,,false,false,,2019-12-20T16:03:38.000Z,0
CVE-2019-15910,https://securityvulnerability.io/vulnerability/CVE-2019-15910,Denial of Service Vulnerability in ASUS ZigBee PRO Devices,"An issue has been identified in various ASUS devices utilizing ZigBee PRO, which allows attackers to exploit the discovery procedure of the ZigBee network. By triggering this process, adversaries can perform denial of service attacks, effectively disrupting network availability and functionality for legitimate users.",Asus,Hg100 Firmware,7.5,HIGH,0.0014100000262260437,false,,false,false,false,,,false,false,,2019-12-20T16:03:19.000Z,0
CVE-2019-11060,https://securityvulnerability.io/vulnerability/CVE-2019-11060,HG100 contains an Uncontrolled Resource Consumption vulnerability,"The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",Asus,Hg100 Firmware,7.4,HIGH,0.005960000213235617,false,,false,false,false,,,false,false,,2019-08-29T01:15:00.000Z,0
CVE-2019-11061,https://securityvulnerability.io/vulnerability/CVE-2019-11061,HG100 has a broken access control vulnerability in its Web API Server,"A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",Asus,Hg100 Firmware,10,CRITICAL,0.003470000112429261,false,,false,false,true,2019-03-29T06:01:49.000Z,true,false,false,,2019-08-29T01:15:00.000Z,0
CVE-2018-11492,https://securityvulnerability.io/vulnerability/CVE-2018-11492,Denial of Service Vulnerability in ASUS HG100 Devices,"ASUS HG100 devices are susceptible to a denial of service (DoS) attack, allowing an attacker to overwhelm the device by flooding it with IPv4 packets. This vulnerability poses a significant risk, as it can disrupt the normal operation and accessibility of the device, potentially leading to service outages and significant operational impact. Protecting against such threats is essential for maintaining a secure and reliable networking environment.",Asus,Hg100 Firmware,7.5,HIGH,0.003659999929368496,false,,false,false,false,,,false,false,,2018-08-10T16:00:00.000Z,0
CVE-2018-11491,https://securityvulnerability.io/vulnerability/CVE-2018-11491,Remote Command Execution Vulnerability in ASUS HG100 Devices,"ASUS HG100 devices prior to firmware version 1.05.12 are susceptible to a remote command execution vulnerability due to unauthenticated access. This flaw allows attackers to execute arbitrary commands on the device remotely, potentially compromising the entire network environment. Users are urged to upgrade to the latest firmware version to mitigate this risk and protect against unauthorized accesses. For further information, please refer to ASUS's official communication and discussions on this issue.",Asus,Hg100 Firmware,9.8,CRITICAL,0.005909999832510948,false,,false,false,false,,,false,false,,2018-07-25T13:00:00.000Z,0