Information Disclosure Vulnerability in ASUS RT-AC58U 3.0.0.4.380_6516: Exposing Hostnames and IP Addresses via Main_Login.asp Page

Information Disclosure Vulnerability in ASUS RT-AC58U 3.0.0.4.380_6516: Exposing Hostnames and IP Addresses via Main_Login.asp Page

CVE-2018-18287 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the Main_Login.asp page.

Learn more about our Web Application Penetration Testing UK.