36 matches found
CVE-2025-59368
An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...
CVE-2025-59372
A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on...
EUVD-2025-199558
An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security...
CVE-2025-59366
An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware...
EUVD-2025-199586
An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specific functions without proper authorization. Refer to the Security Update for ASUS Router Firmware...
PT-2025-47993
Name of the Vulnerable Software and Affected Versions ASUS Router WebDAV affected versions not specified Description A path traversal issue exists in WebDAV, potentially allowing remote attackers without authentication to compromise the integrity of the device. The issue may allow unauthorized...
VulnCheck KEV: CVE-2024-12912
An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...
CVE-2025-59367
An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...
CVE-2025-59367
An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...
EUVD-2025-150354
An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...
CVE-2025-59367
An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information...
CVE-2025-9338
The connected PT-Security advisory for PT-2025-45177 confirms a vulnerability in AsIO3.sys involving improper restriction of operations within a memory buffer, enabling local privilege escalation if a specially crafted process is executed. It identifies AsIO3.sys as the affected driver and notes ...
EUVD-2025-34060
A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash BSOD or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory f...
CVE-2025-9337
A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash BSOD. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information...
CVE-2025-9337
A null pointer dereference has been identified in the AsIO3.sys driver. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash BSOD. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information...
EUVD-2024-51221
Malicious code in bioql PyPI...
EUVD-2024-51187
Malicious code in bioql PyPI...
EUVD-2025-14316
Malicious code in bioql PyPI...
EUVD-2024-51315
Malicious code in bioql PyPI...
CVE-2025-4569
An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services. Refer to the 'Security Update for for MyASUS' section on the ASUS Security Advisory for more information...