44 matches found
VulnCheck KEV: CVE-2023-41348
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
EUVD-2023-45851
Malicious code in bioql PyPI...
EUVD-2023-45849
Malicious code in bioql PyPI...
EUVD-2023-45850
Malicious code in bioql PyPI...
ASUS RT-AX55 Routers OS Command Injection Vulnerability
ASUS RT-AX55 devices contain an OS command injection vulnerability that could allow a remote, authenticated attacker to execute arbitrary commands. As represented by CVE-2023-41346...
CVE-2023-39780
On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /startapply.htm qosbwrulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see CVE-2023-41346; for the...
PT-2024-9469 · Asus · Asus Rt-Ax55 V2 +6
Name of the Vulnerable Software and Affected Versions: ASUS RT-AX55 version ASUS RT-AX55 V2 version ASUS RT-AX56U version ASUS RT-AX56U V2 version ASUS RT-AX57 version ASUS RT-AX58U version ASUS RT-AX58U V2 version Description: The issue is related to insufficient input validation, which can be...
CVE-2024-0401
CVE-2024-0401 affects multiple ASUS routers that support custom OpenVPN profiles. An authenticated, remote attacker can execute arbitrary OS commands by uploading a crafted OVPN profile, with impact on confidentiality, integrity, and availability per the cited sources. Affected models include: AS...
CVE-2024-0401 ASUS OVPN RCE
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...
CVE-2023-41347
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
CVE-2023-41345
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
Command injection
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...
CVE-2023-41348 ASUS RT-AX55 - command injection - 4
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
CVE-2023-41348
CVE-2023-41348 affects ASUS RT-AX55 devices and is caused by insufficient filtering of special characters in the code-authentication module of the authentication-related function. An authenticated remote attacker can exploit this to perform a Command Injection , leading to arbitrary command execu...
CVE-2023-41348 ASUS RT-AX55 - command injection - 4
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...
CVE-2023-41347 ASUS RT-AX55 - command injection - 3
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
CVE-2023-41347 ASUS RT-AX55 - command injection - 3
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...