cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15912,https://securityvulnerability.io/vulnerability/CVE-2019-15912,Denial of Service Vulnerability in ASUS ZigBee Devices,"ASUS ZigBee PRO devices, including the HG100, MW100, WS-101, TS-101, AS-101, MS-101, and DL-101, are susceptible to a denial of service vulnerability. This flaw arises from the ZigBee trust center rejoin procedure, which attackers can exploit to launch multiple denial of service attacks, disrupting the normal operation of affected devices and compromising network security.",Asus,Hg100 Firmware,7.5,HIGH,0.00171999994199723,false,,false,false,false,,,false,false,,2019-12-20T16:03:50.000Z,0
CVE-2019-15911,https://securityvulnerability.io/vulnerability/CVE-2019-15911,Insecure Key Transport in ASUS Devices Using ZigBee PRO Protocol,"A vulnerability affecting various ASUS devices using the ZigBee PRO protocol allows attackers to exploit insecure key transport methods. This can lead to sensitive data exposure, unauthorized access to smart home devices, message tampering, and potential denial of service attacks. Users of these devices should implement security measures to mitigate risks associated with this vulnerability.",Asus,Hg100 Firmware,9.8,CRITICAL,0.004310000222176313,false,,false,false,false,,,false,false,,2019-12-20T16:03:38.000Z,0
CVE-2019-15910,https://securityvulnerability.io/vulnerability/CVE-2019-15910,Denial of Service Vulnerability in ASUS ZigBee PRO Devices,"An issue has been identified in various ASUS devices utilizing ZigBee PRO, which allows attackers to exploit the discovery procedure of the ZigBee network. By triggering this process, adversaries can perform denial of service attacks, effectively disrupting network availability and functionality for legitimate users.",Asus,Hg100 Firmware,7.5,HIGH,0.0014100000262260437,false,,false,false,false,,,false,false,,2019-12-20T16:03:19.000Z,0
CVE-2019-11061,https://securityvulnerability.io/vulnerability/CVE-2019-11061,HG100 has a broken access control vulnerability in its Web API Server,"A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",Asus,Hg100 Firmware,10,CRITICAL,0.003470000112429261,false,,false,false,true,2019-03-29T06:01:49.000Z,true,false,false,,2019-08-29T01:15:00.000Z,0
CVE-2019-11060,https://securityvulnerability.io/vulnerability/CVE-2019-11060,HG100 contains an Uncontrolled Resource Consumption vulnerability,"The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",Asus,Hg100 Firmware,7.4,HIGH,0.006500000134110451,false,,false,false,false,,,false,false,,2019-08-29T01:15:00.000Z,0
CVE-2018-11492,https://securityvulnerability.io/vulnerability/CVE-2018-11492,,ASUS HG100 devices allow denial of service via an IPv4 packet flood.,Asus,Hg100 Firmware,7.5,HIGH,0.003659999929368496,false,,false,false,false,,,false,false,,2018-08-10T16:00:00.000Z,0
CVE-2018-11491,https://securityvulnerability.io/vulnerability/CVE-2018-11491,,"ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution.",Asus,Hg100 Firmware,9.8,CRITICAL,0.005570000037550926,false,,false,false,false,,,false,false,,2018-07-25T13:00:00.000Z,0