ASUS Router 安全漏洞

ASUS Router is a router product and accompanying management application from ASUS, primarily used for wireless connectivity and management of home and business networks. An integer underflow vulnerability exists in ASUS Router, which can be exploited by an attacker to cause the availability of th...

VulnCheck KEV: CVE-2023-41345

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...

EUVD-2017-14728

Malware in sbrugna...

EUVD-2018-17490

Malware in sbrugna...

EUVD-2013-3544

Malware in sbrugna...

EUVD-2021-26593

Malware in sbrugna...

EUVD-2013-4511

Malware in sbrugna...

EUVD-2021-27731

Malicious code in bioql PyPI...

EUVD-2023-45852

Malicious code in bioql PyPI...

EUVD-2021-28464

Malicious code in bioql PyPI...

EUVD-2021-28462

Malicious code in bioql PyPI...

CVE-2024-28325

Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings...

CVE-2023-39086

ASUS RT-AC66U B1 3.0.0.4.28651665 was discovered to transmit sensitive information in cleartext...

CVE-2021-43702

ASUS RT-A88U 3.0.0.4.38645898 is vulnerable to Cross Site Scripting XSS. The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device...

CVE-2009-3093

Unspecified vulnerability on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a...

CVE-2024-13062

An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

The vulnerability of the Traffic Analyzer – Statistical function in the microprogramming software for Wi-Fi routers from ASUS’ RT-AC86U allows a hacker to execute arbitrary commands or cause service failures.

The vulnerability of the Traffic Analyzer – Statistical function in ASUS’ Wi-Fi router software, the RT-AC86U, exists due to the lack of measures taken to neutralize certain components. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands or cause service...

PT-2023-4143 · Asus · Asus Rt-Ax88U

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX88U affected versions not specified Description: The issue is related to an error in the do json decode function of the ej.c file in the ASUS RT-AX88U router's firmware, which can cause a buffer overflow. A remote attacker can explo...

ASUS RT-N10+ 2.0.3.4 CSRF / XSS / Command Execution

Exploit Title: XSS And CSRF to RCE in ASUS RT-N10 Repeater Mode Date: 13/10/2019 Exploit Author: Matheus Vrech Vendor Homepage: https://www.asus.com/ Version: ASUS RT-N10+, Firmware: 2.0.3.4 Tested on: Archlinux, Windows 10 XSS: when someone change router to repeater mode you should be able to...

PT-2014-3002

Name of the Vulnerable Software and Affected Versions: ASUS RT-AC68U and other RT series routers versions prior to 3.0.0.4.374.5047 Description: The issue allows remote authenticated users to execute arbitrary commands via shell metacharacters in the destIP parameter in the Target field of the...