← Back

Asuswrt Merlin Project

asuswrt-merlin_project

5 CVEs • 66 products

Products (66)

Click to collapse
Toggle
Rt Ac5300 Firmware
rt-ac5300_firmware
5 CVEs
Rt Ac1900p Firmware
rt_ac1900p_firmware
5 CVEs
Rt Ac68u Firmware
rt-ac68u_firmware
5 CVEs
Rt Ac68p Firmware
rt-ac68p_firmware
5 CVEs
Rt Ac88u Firmware
rt-ac88u_firmware
5 CVEs
Rt Ac66u B1 Firmware
rt-ac66u_b1_firmware
5 CVEs
Rt Ac56u Firmware
rt-ac56u_firmware
5 CVEs
Rt Ac3200 Firmware
rt-ac3200_firmware
5 CVEs
Rt Ac3100 Firmware
rt-ac3100_firmware
5 CVEs
Rt Ac66u Firmware
rt-ac66u_firmware
3 CVEs
Rt Ac58u Firmware
rt-ac58u_firmware
3 CVEs
Rt Ac55u Firmware
rt-ac55u_firmware
3 CVEs
Rt Ac52u Firmware
rt-ac52u_firmware
3 CVEs
Rt Ac51u Firmware
rt-ac51u_firmware
3 CVEs
Rt N18u Firmware
rt-n18u_firmware
3 CVEs
Rt N66u Firmware
rt-n66u_firmware
3 CVEs
Rt N56u Firmware
rt-n56u_firmware
3 CVEs
Rt Ac1200gu Firmware
rt_ac1200gu_firmware
3 CVEs
Rt Ac1200g Firmware
rt_ac1200g_firmware
3 CVEs
Rt Ac1200 Firmware
rt-ac1200_firmware
3 CVEs
Rt Ac53 Firmware
rt-ac53_firmware
3 CVEs
Rt N12hp Firmware
rt-n12hp_firmware
3 CVEs
Rt N12hp B1 Firmware
rt-n12hp_b1_firmware
3 CVEs
Rt N12d1 Firmware
rt-n12d1_firmware
3 CVEs
Rt N12+ Firmware
rt-n12+_firmware
3 CVEs
Rt N12+ Pro Firmware
rt_n12+_pro_firmware
3 CVEs
Rt N16 Firmware
rt-n16_firmware
3 CVEs
Rt N300 Firmware
rt-n300_firmware
3 CVEs
Rt Ac68uf Firmware
rt-ac68uf_firmware
2 CVEs
Rt Ac87 Firmware
rt-ac87_firmware
2 CVEs
Rt Ac1900 Firmware
rt-ac1900_firmware
2 CVEs
Rt Ac86u Firmware
rt-ac86u_firmware
2 CVEs
Rt Ac2900 Firmware
rt-ac2900_firmware
2 CVEs
Rt Ac5300
rt-ac5300
0 CVEs
Rt Ac1900p
rt_ac1900p_
0 CVEs
Rt Ac68u
rt-ac68u
0 CVEs
Rt Ac68p
rt-ac68p
0 CVEs
Rt Ac88u
rt-ac88u
0 CVEs
Rt Ac66u
rt-ac66u
0 CVEs
Rt Ac66u B1
rt-ac66u_b1
0 CVEs
Rt Ac58u
rt-ac58u
0 CVEs
Rt Ac56u
rt-ac56u
0 CVEs
Rt Ac55u
rt-ac55u
0 CVEs
Rt Ac52u
rt-ac52u
0 CVEs
Rt Ac51u
rt-ac51u
0 CVEs
Rt N18u
rt-n18u
0 CVEs
Rt N66u
rt-n66u
0 CVEs
Rt N56u
rt-n56u
0 CVEs
Rt Ac3200
rt-ac3200
0 CVEs
Rt Ac3100
rt-ac3100
0 CVEs
Rt Ac1200gu
rt_ac1200gu
0 CVEs
Rt Ac1200g
rt_ac1200g
0 CVEs
Rt Ac1200
rt-ac1200
0 CVEs
Rt Ac53
rt-ac53
0 CVEs
Rt N12hp
rt-n12hp
0 CVEs
Rt N12hp B1
rt-n12hp_b1
0 CVEs
Rt N12d1
rt-n12d1
0 CVEs
Rt N12+
rt-n12+
0 CVEs
Rt N12+ Pro
rt_n12+_pro
0 CVEs
Rt N16
rt-n16
0 CVEs
Rt N300
rt-n300
0 CVEs
Rt Ac68uf
rt-ac68uf
0 CVEs
Rt Ac87
rt-ac87
0 CVEs
Rt Ac1900
rt-ac1900
0 CVEs
Rt Ac86u
rt-ac86u
0 CVEs
Rt Ac2900
rt-ac2900
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18320
1Asuswrt Merlin Project
14Rt Ac1900 Firmware
Rt Ac2900 FirmwareRt Ac3100 Firmware+11 more
Nov 21, 2024
Oct 15, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed o...Show more
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code executionShow less
CVE-2018-18319
1Asuswrt Merlin Project
14Rt Ac1900 Firmware
Rt Ac2900 FirmwareRt Ac3100 Firmware+11 more
Nov 21, 2024
Oct 15, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=...Show more
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code executionShow less
CVE-2017-11420
1Asuswrt Merlin Project
28Rt Ac1200 Firmware
Rt Ac3100 FirmwareRt Ac3200 Firmware+25 more
May 13, 2026
Jul 18, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, R...Show more
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.Show less
CVE-2017-11345
1Asuswrt Merlin Project
28Rt Ac1200 Firmware
Rt Ac3100 FirmwareRt Ac3200 Firmware+25 more
May 13, 2026
Jul 17, 2017
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52...Show more
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.Show less
CVE-2017-11344
1Asuswrt Merlin Project
28Rt Ac1200 Firmware
Rt Ac3100 FirmwareRt Ac3200 Firmware+25 more
May 13, 2026
Jul 17, 2017
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC5...Show more
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.Show less