19 matches found
EUVD-2023-42973
Malicious code in bioql PyPI...
EUVD-2023-42972
Malicious code in bioql PyPI...
EUVD-2023-42974
Malicious code in bioql PyPI...
PT-2024-9469 · Asus · Asus Rt-Ax55 V2 +6
Name of the Vulnerable Software and Affected Versions: ASUS RT-AX55 version ASUS RT-AX55 V2 version ASUS RT-AX56U version ASUS RT-AX56U V2 version ASUS RT-AX57 version ASUS RT-AX58U version ASUS RT-AX58U V2 version Description: The issue is related to insufficient input validation, which can be...
The vulnerability of the cm_processChangedConfigMsg function in ASUS’ Wi-Fi router microprogramming systems, such as the RT-AX56U V2 and RT-AC86U models, allows a hacker to execute arbitrary code or cause malfunctions in the device.
The vulnerability of the cmprocessChangedConfigMsg function in ASUS’ Wi-Fi router microprogramming systems, such as the RT-AX56U V2 and RT-AC86U models, is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause...
CVE-2023-39240
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...
CVE-2023-39239
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...
Format string
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perfor...
Format string
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code...
CVE-2023-39240
CVE-2023-39240 affects ASUS RT-AX56U V2: a format string vulnerability in the iperf client API, caused by insufficient validation in set_iperf3_cli.cgi. A remote attacker with administrator privileges could achieve remote code execution or service disruption. Exploitation details are not provided...
CVE-2023-39239 ASUS RT-AX55、RT-AX56U_V2、RT-AC86U - Format String - 2
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...
CVE-2023-39239 ASUS RT-AX55、RT-AX56U_V2、RT-AC86U - Format String - 2
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...
CVE-2023-39238 ASUS RT-AX55、RT-AX56U_V2 - Format String - 1
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...
CVE-2023-39238
CVE-2023-39238 affects ASUS RT-AX56U V2. The issue is a format string vulnerability in the set_iperf3_svr.cgi module caused by missing input validation. A remote attacker with administrator privileges can trigger remote arbitrary code execution, alter system operation, or disrupt service. Reporte...
CVE-2023-35086
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessagenormal function, in the dodetwancgi module of httpd. A remote attacker with administrator privilege can exploit...
Format string
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessagenormal function, in the dodetwancgi module of httpd. An unauthenticated remote attacker without privilege can...
CVE-2023-35086 ASUS RT-AX56U V2 & RT-AC86U - Format String -1
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessagenormal function, in the dodetwancgi module of httpd. A remote attacker with administrator privilege can exploit...
PT-2023-7593 · Asus · Asus Rt-Ac86U +1
Name of the Vulnerable Software and Affected Versions: ASUS RT-AX56U V2 version 3.0.0.4.386 50460 ASUS RT-AC86U version 3.0.0.4 386 51529 Description: The issue is related to a format string vulnerability in the cm processChangedConfigMsg function of the AiMesh system. This vulnerability is cause...