CVE-2021-41437

2022-09-2613:18:38

mitre

www.cve.org

http response splitting

asus rt-ax88u

unauthorized access

cloud storage

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.7%

JSON

An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker.

References

github.com/efchatz/easy-exploits/tree/main/Web/ASUS/CVE-2021-41437

www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-Gaming-Routers/RT-AX88U/HelpDesk_BIOS/