Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-35086
HistoryJul 21, 2023 - 7:15 a.m.

Format string

2023-07-2107:15:00
PRIOn knowledge base
www.prio-n.com
4
format string vulnerability
asus rt-ax56u v2
rt-ac86u
remote arbitrary code execution
version 3.0.0.4.386_50460
version 3.0.0.4_386_51529
unauthenticated remote attacker
disrupt service

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.2%

JSON

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. An unauthenticated remote attacker without privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.

This issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.

Related

cve 1
cvelist 1
nvd 1
githubexploit 1
cve
cve
CVE-2023-35086
2023-07-21 07:15:10
cvelist
cvelist
CVE-2023-35086 ASUS RT-AX56U V2 & RT-AC86U - Format String -1
2023-07-21 06:32:20
nvd
nvd
CVE-2023-35086
2023-07-21 07:15:10
githubexploit
githubexploit
Exploit for Use of Externally-Controlled Format String in Asus Rt-Ac86U Firmware
2023-07-25 01:36:07

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.2%

JSON
Related for PRION:CVE-2023-35086
cve1cvelist1nvd1githubexploit1