CyberSec.Space Logo
Back to CVE Browser

CVE-2019-11060

HIGH
7.5
CVSS Severity Score
EPSS Score0.1920%
EPSS Percentile43.02th
PublishedAug 29, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).

Affected Platforms (CPE)

πŸ’»
Asus

Hg100 Firmware

<= 1.05.12

References & Advisories

πŸ”— http://surl.twcert.org.tw/aarVJ
πŸ”— https://tvn.twcert.org.tw/taiwanvn/TVN-201906002
πŸ”— https://www.exploit-db.com/exploits/46720
πŸ”— http://surl.twcert.org.tw/aarVJ
πŸ”— https://tvn.twcert.org.tw/taiwanvn/TVN-201906002
πŸ”— https://www.exploit-db.com/exploits/46720

Related Vulnerabilities

CVE-2019-1106110.0

A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network t...

CVE-2018-114919.8

ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution.

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...