30 matches found
CVE-2022-35401
An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...
EUVD-2022-40707
Malicious code in bioql PyPI...
EUVD-2022-38291
Malicious code in bioql PyPI...
EUVD-2022-40979
Malicious code in bioql PyPI...
CVE-2022-38393
A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this...
ASUS RT-AX82U Authentication Error Vulnerability
The ASUS RT-AX82U is a wireless router from the Chinese company ASUS. The ASUS RT-AX82U 3.0.0.4.38649674-ge182230 suffers from an authentication error vulnerability that stems from improper authentication in the getIFTTTtoken.cgi function. An attacker could use this vulnerability to access the...
ASUS RT-AX82U Denial of Service Vulnerability
The ASUS RT-AX82U is a wireless router from the Chinese company ASUS. A denial of service vulnerability exists in ASUS RT-AX82U version 3.0.0.4.38649674-ge182230, which stems from improper input validation of the cfgserver cmprocessConnDiagPktList opcode of the router configuration service, which...
CVE-2022-35401
An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...
CVE-2022-38393
A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this...
CVE-2022-38105
An information disclosure vulnerability exists in the cmprocessREQNC opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this...
CVE-2022-35401
An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...
CVE-2022-38393
A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this...
Denial of service
A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this...
Authentication flaw
An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...
Information disclosure
An information disclosure vulnerability exists in the cmprocessREQNC opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this...
CVE-2022-35401
An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...
CVE-2022-35401
An authentication bypass vulnerability exists in the getIFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.38649674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this...
CVE-2022-35401
Summary (CVE-2022-35401) : Talos reports an authentication bypass in Asus RT-AX82U (version 3.0.0.4.386_49674-ge182230) via the get_IFTTTTtoken.cgi endpoint. A remote attacker can obtain full administrative access by sending a series of HTTP requests. The exploit path relies on how the router han...
CVE-2022-38105
CVE-2022-38105 affects Asus RT-AX82U (3.0.0.4.386_49674-ge182230). Talos singles out the cm_processREQ_NC information-disclosure vulnerability: a specially crafted network packet can leak sensitive data. The root cause involves the master_key handling in cm_processREQ_NC, where the code allocates...
CVE-2022-38105
An information disclosure vulnerability exists in the cmprocessREQNC opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this...