16 matches found
CVE-2026-7480
CVE-2026-7480 : An Incorrect Permission Assignment for Critical Resource vulnerability affects the ASUS System Control Interface. A local user can elevate privileges to SYSTEM and execute arbitrary code by sending a crafted RPC call that bypasses the validation mechanism. This description is supp...
CVE-2025-12003
A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...
CVE-2025-59370
A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...
EUVD-2025-199562
A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...
CVE-2025-59365
A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...
VulnCheck KEV: CVE-2025-2492
An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...
CVE-2025-9338
A improper restriction of operations within the bounds of a memory buffer exists in AsIO3.sys driver. This vulnerability can be triggered by manually executing a specially crafted process, potentially leading to local privilage escalation. For additional information, please refer to the 'Security...
CVE-2025-9336
A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash BSOD or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory f...
CVE-2025-9337
A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash BSOD. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information...
CVE-2025-9968
A link following vulnerability exists in the UnifyScanner component of Armoury Crate. This vulnerability may be triggered by creating a specially crafted junction, potentially leading to local privilege escalation. For more information, please refer to section 'Security Update for Armoury Crate...
CVE-2025-9336
A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash BSOD or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory f...
CVE-2025-9337
The vulnerability is a null pointer dereference in the AsIO3.sys driver used by ASUS Armoury Crate. Affected component: AsIO3.sys; root cause: null pointer dereference triggered by specially crafted input. Consequence: system crash (BSOD). References to ASUS advisory indicate impact tied to Armou...
CVE-2025-9336
The CVE-2025-9336 entry concerns the ASUS Armoury Crate software, specifically the AsIO3.sys driver. Multiple sources confirm a stack buffer overflow in AsIO3.sys that can be triggered by input manipulation, potentially leading to a system crash (BSOD) or other undefined execution. Consequences n...
PT-2025-41782
Name of the Vulnerable Software and Affected Versions ASUS versions affected versions not specified Description A flaw exists in the AsIO3.sys driver where a specially crafted input can cause a null pointer dereference, potentially leading to a system crash, also known as a Blue Screen of Death...
PT-2025-41781
Name of the Vulnerable Software and Affected Versions ASUS AsIO3.sys driver affected versions not specified Description A stack buffer overflow exists in the AsIO3.sys driver. This issue is triggered by input manipulation and could result in a system crash, also known as a Blue Screen of Death...
EUVD-2025-18377
Malicious code in bioql PyPI...