83 matches found
EUVD-2023-42970
Malicious code in bioql PyPI...
EUVD-2023-41858
Malicious code in bioql PyPI...
EUVD-2023-32345
Malicious code in bioql PyPI...
EUVD-2023-41859
Malicious code in bioql PyPI...
EUVD-2022-30258
Malicious code in bioql PyPI...
EUVD-2023-42971
Malicious code in bioql PyPI...
EUVD-2023-41860
Malicious code in bioql PyPI...
CVE-2024-0401
CVE-2024-0401 affects multiple ASUS routers that support custom OpenVPN profiles. An authenticated, remote attacker can execute arbitrary OS commands by uploading a crafted OVPN profile, with impact on confidentiality, integrity, and availability per the cited sources. Affected models include: AS...
CVE-2024-0401 ASUS OVPN RCE
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...
PT-2023-7411
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The authentication-related function in the ASUS RT-AX55 and RT-AC86U routers has a vulnerability due to insufficient filtering of special...
PT-2023-7408
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The authentication-related function in the affected devices has a vulnerability due to insufficient filtering of special characters within i...
PT-2023-7409
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The vulnerability exists in the authentication-related function of the router's software due to insufficient filtering of special characters...
PT-2023-7410
Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description The authentication-related function in ASUS routers has a flaw due to inadequate filtering of special characters within the token-generated...
CVE-2023-39236
ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-38032
ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-38033
ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-39237
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-39237
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-39236
ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
Command injection
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...