Condorlab

ASUS – Session Hijack


Advisory ID
RSN-SIP-0029


Vulnerability Information

Session hijack vulnerability in httpd in ASUS ASUSWRT on RT-AC53 3.0.0.4.380.6038 devices allows remote attackers to steal any active admin session by sending cgi_logout and asusrouter-Windows-IFTTT-1.0 in certain HTTP headers.


CVSS Base Score

8.8 High


Release Date

2017-03-09


Solutions

RedShift Networks UCTM solution provides the industry’s first complete security solution developed for securing VOIP networks, endpoints and applications. Its dedicated CONDOR labs research team constantly scouts for new attack patterns, advanced penetration testing methods, vulnerabilities identification and roll out of new signatures to subscribed customers on a constant basis. For more information, visit www.redshiftnetworks.com


External Resources

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6549

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6549