Lucene search
+L

342 matches found

Cvelist
Cvelist
added 3 days ago42 views

CVE-2026-13385

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middleMITM user to make the router download and execute arbitrary command via a spoofed server. Refer to the ' Security Update for ASUS Router Firmware '...

9.5CVSS0.00103EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago11 views

EUVD-2026-44584

Improper Neutralization of Special Elements used in an SQL Command "SQL Injection" in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the ' ...

5.9CVSS6.1AI score0.00314EPSS
Exploits0References1
CVE
CVE
added 3 days ago10 views

CVE-2026-11851

CVE-2026-11851 is an SQL Injection vulnerability in the web management interface of certain ASUS router models. The root cause is improper neutralization of special elements in SQL commands. It can be exploited by a remote authenticated attacker with high privileges, without user interaction, to ...

5.9CVSS6.1AI score0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago13 views

PT-2026-58872

Name of the Vulnerable Software and Affected Versions ASUS router models affected versions not specified Description Improper Validation of Integrity Check Value and Improper Certificate Validation allow a remote man-in-the-middle MITM user to force the router to download and execute arbitrary...

9.5CVSS6.3AI score0.00103EPSS
Exploits0References4
NVD
NVD
added 2026/07/03 3:16 a.m.10 views

CVE-2026-12960

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 2:0 a.m.11 views

EUVD-2026-41482

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS5.8AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/07/03 2:0 a.m.19 views

CVE-2026-12960

CVE-2026-12960 affects the ASUS Router Android app. The issue is an Improper Export of Android Application Components, where a local third-party app on the same device can send a crafted Intent that causes the ASUS Router App to open a specified URL. CVSS metrics indicate local access, low comple...

6CVSS5.8AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/03 2:0 a.m.37 views

CVE-2026-12960

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:0 a.m.8 views

CVE-2026-12960

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS5.8AI score0.00116EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/12 5:36 a.m.165 views

Exploit for CVE-2024-12912

Origasus origasus.go ile derlenen, ASUS AiCloud / AsusWRT i...

9.2CVSS5.8AI score0.15404EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.5 views

CVE-2025-15101

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisor...

8.8CVSS6.1AI score0.00899EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 3:16 a.m.4 views

CVE-2025-15101

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisor...

8.8CVSS0.00899EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 2:1 a.m.35 views

CVE-2025-15101

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisor...

8.6CVSS0.00899EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 2:1 a.m.3 views

CVE-2025-15101

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisor...

8.8CVSS6.1AI score0.00899EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/26 2:1 a.m.20 views

CVE-2025-15101

The CVE-2025-15101 entry describes a CSRF vulnerability in the web management interface of certain ASUS routers. Affected component: the web management UI; underlying cause is CSRF that allows actions with the privileges of an authenticated user, potentially enabling execution of system commands ...

8.8CVSS6.1AI score0.00899EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 2:1 a.m.9 views

CVE-2025-15101

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisor...

8.6CVSS6.1AI score0.00899EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.8 views

ASUS Router 安全漏洞

ASUS Router is a router app developed by ASUS Corporation in China. ASUS Router has a security vulnerability, which stems from a cross-site request forgeing vulnerability in the web management interface. This vulnerability may allow operations to be performed with the existing permissions of...

8.8CVSS5.7AI score0.00899EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.15 views

PT-2026-28188

Name of the Vulnerable Software and Affected Versions ASUS routers affected versions not specified Description A Cross-Site Request Forgery CSRF issue exists in the Web management interface of ASUS routers. This allows actions to be performed with the privileges of an authenticated user. This...

8.8CVSS5.9AI score0.00899EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2026/03/10 12:0 a.m.233 views

📄 ASUS Router Multi-Stage Command Injection

A multi‑stage command injection vulnerability allows an attacker to achieve remote command execution on a vulnerable ASUS router by abusing the SETROOTCERTIFICATE and APPLYAPP HTTP methods. In the first stage, a malicious shell script is uploaded to the target system disguised as a certificate fi...

9.8CVSS6.3AI score0.01031EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.15 views

CVE-2023-31195

ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted 'http' connection, t...

5.3CVSS6.5AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder