Lucene search
+L

21 matches found

RedhatCVE
RedhatCVE
added 2025/11/27 3:3 p.m.10 views

CVE-2025-59369

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security...

5.9CVSS8.1AI score0.00427EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/27 3:3 p.m.6 views

CVE-2025-59370

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...

7.5CVSS7.8AI score0.00957EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 8:15 a.m.8 views

CVE-2025-59370

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...

7.5CVSS0.00957EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 8:15 a.m.6 views

CVE-2025-12003

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...

8.2CVSS0.00641EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/25 7:30 a.m.5 views

CVE-2025-59372

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on...

6.9CVSS6.5AI score0.00567EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/25 7:30 a.m.15 views

CVE-2025-59371

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...

7.5CVSS0.00735EPSS
Exploits0References1
CVE
CVE
added 2025/11/25 7:30 a.m.30 views

CVE-2025-59371

CVE-2025-59371 describes an authentication bypass in the ASUS Router’s IFTTT integration. A remote, authenticated attacker could exploit the flaw to potentially gain unauthorized access to the device. The vulnerability is characterized by a network attack vector with low attack complexity and req...

7.5CVSS6.6AI score0.00735EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/25 7:30 a.m.3 views

CVE-2025-59371

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...

7.5CVSS6.6AI score0.00735EPSS
Exploits0References1
CVE
CVE
added 2025/11/25 7:30 a.m.19 views

CVE-2025-59370

CVE-2025-59370 describes a command injection vulnerability in the ASUS Router component bwdpi. The issue allows remote, authenticated attackers to potentially execute arbitrary commands, leading to the device performing unintended instructions. Affects ASUS Router firmware with a network-based at...

7.5CVSS7.5AI score0.00957EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 7:30 a.m.5 views

EUVD-2025-199559

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...

7.5CVSS7.3AI score0.00957EPSS
Exploits0References2
CVE
CVE
added 2025/11/25 7:29 a.m.16 views

CVE-2025-59369

CVE-2025-59369 affects ASUS Router firmware through the bwdpi component, where a SQL injection vulnerability exists. The root cause described across connected docs is improper handling/validation of SQL statements, enabling a remote, authenticated attacker to potentially execute arbitrary SQL que...

5.9CVSS7.8AI score0.00427EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/25 7:29 a.m.5 views

CVE-2025-59369

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security...

5.9CVSS7.7AI score0.00427EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/25 7:29 a.m.15 views

CVE-2025-59369

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security...

5.9CVSS0.00427EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/25 7:28 a.m.6 views

CVE-2025-12003

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...

8.2CVSS6.7AI score0.00641EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/25 7:28 a.m.15 views

CVE-2025-12003

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...

8.2CVSS0.00641EPSS
Exploits0References1
CVE
CVE
added 2025/11/25 7:28 a.m.16 views

CVE-2025-12003

CVE-2025-12003 describes a path traversal vulnerability in ASUS Router WebDAV that may allow unauthenticated remote attackers to impact device integrity. Multiple connected sources (Red Hat, CNVD, CVE lists) corroborate a WebDAV path traversal affecting ASUS Router, with the ASUS Security Advisor...

8.2CVSS6.8AI score0.00641EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.9 views

PT-2025-48020

A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...

7.5CVSS7.8AI score0.00957EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.6 views

PT-2025-48016

Name of the Vulnerable Software and Affected Versions ASUS Router Firmware affected versions not specified Description A stack buffer overflow condition exists in certain router models. An authenticated attacker can trigger this issue by sending a specially crafted request, which may lead to a...

6.9CVSS6.8AI score0.00395EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.9 views

PT-2025-48019

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security...

5.9CVSS8.2AI score0.00427EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/11/19 12:0 a.m.5 views

ASUS routers 安全漏洞

ASUS routers is a router app from ASUS of Taiwan, China. A security vulnerability exists in ASUS routers that stems from a problem with the router firmware's limit on the number of login attempts, which allows remote attackers to attempt an arbitrary number of login attempts by sending a specific...

10CVSS8.5AI score0.05994EPSS
Exploits0References9
Rows per page
Query Builder