Predictable Session Tokens in Asus asuswrt HTTPd Server Allow Administrative Router Access

Predictable Session Tokens in Asus asuswrt HTTPd Server Allow Administrative Router Access

CVE-2017-15654 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access.

Learn more about our Cis Benchmark Audit For Server Software.