Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-63441
HistoryAug 03, 2023 - 12:00 a.m.

ASUS RT-AX88U Cross-Site Scripting Vulnerability (CNVD-2023-63441)

2023-08-0300:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
asus
rt-ax88u
cross-site scripting
vulnerability
china
custom user icons
filtering
escaping
user-supplied data
stored xss
attack
javascript code
image upload
normal user privileges
cnvd-2023-63441

0.001 Low

EPSS

Percentile

20.8%

JSON

The ASUS RT-AX88U is a wireless router from Asus (China). The ASUS RT-AX88U suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the Custom User Icons feature, which can be exploited by an attacker to perform a stored cross-site scripting (XSS) attack by uploading an image containing JavaScript code after logging in to the device with normal user privileges.

CPENameOperatorVersion
asus rt-ax88u <=3.0.0.eq4.388.23110

Related

cvelist 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2023-34360 ASUS RT-AX88U - Stored XSS
2023-07-31 05:32:14
prion
prion
Cross site scripting
2023-07-31 06:15:00
nvd
nvd
CVE-2023-34360
2023-07-31 06:15:09
cve
cve
CVE-2023-34360
2023-07-31 06:15:09

0.001 Low

EPSS

Percentile

20.8%

JSON
Related for CNVD-2023-63441
cvelist1prion1nvd1cve1