INFO

[CVE ID]

CVE-2023-39086

[PRODUCT]

ASUS RT-AC66U B1 – 3.0.0.4.286_51665

[VERSION]

ASUS RT-AC66U B1  firmware=3.0.0.4.286_51665

[PROBLEMTYPE]

CWE-319: Cleartext Transmission of Sensitive Information

[Attack Vectors]
http://121.41.98.87/2023/07/20/889/
 [DESCRIPTION]
> The latest firmware version of ASUS RT-AC66U B1 is 3.0.0.4.286_ 51665,
> when logging into the management page, the username and password were
> not encrypted and only transmitted through Base64 encoding,
> transmitting sensitive information in almost plaintext.