32 matches found
VulnCheck KEV: CVE-2023-41348
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
EUVD-2023-45851
Malicious code in bioql PyPI...
EUVD-2023-45849
Malicious code in bioql PyPI...
EUVD-2023-45850
Malicious code in bioql PyPI...
ASUS RT-AX55 Routers OS Command Injection Vulnerability
ASUS RT-AX55 devices contain an OS command injection vulnerability that could allow a remote, authenticated attacker to execute arbitrary commands. As represented by CVE-2023-41346...
CVE-2023-39780
On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /startapply.htm qosbwrulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see CVE-2023-41346; for the...
CVE-2023-41345
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...
CVE-2023-41348 ASUS RT-AX55 - command injection - 4
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
CVE-2023-41348 ASUS RT-AX55 - command injection - 4
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
CVE-2023-41347 ASUS RT-AX55 - command injection - 3
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
CVE-2023-41347 ASUS RT-AX55 - command injection - 3
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
CVE-2023-41346 ASUS RT-AX55 - command injection - 2
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...
CVE-2023-41346 ASUS RT-AX55 - command injection - 2
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...
CVE-2023-41345 ASUS RT-AX55 - command injection - 1
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...
ASUS RT-AX55 Security Breach
The ASUS RT-AX55 is a dual-band Wi-Fi router from Asus China. A security vulnerability exists in the ASUS RT-AX55, which originates from an insufficient special character filtering issue in the token-refresh module of authentication-related functions. An attacker can exploit this vulnerability to...
PT-2023-7411
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The authentication-related function in the ASUS RT-AX55 and RT-AC86U routers has a vulnerability due to insufficient filtering of special...
PT-2023-7408
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The authentication-related function in the affected devices has a vulnerability due to insufficient filtering of special characters within i...