Rt-Ax55 Firmware Security Vulnerabilities - 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...
7.2CVSS
9.4AI Score
0.003EPSS
It is identified a format string vulnerability in ASUS RT-AX56U V2βs General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary c...
7.2CVSS
9.4AI Score
0.002EPSS
It is identified a format string vulnerability in ASUS RT-AX56U V2βs iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...
7.2CVSS
9.4AI Score
0.003EPSS
ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated command injection vulnerability.
8.8CVSS
8.9AI Score
0.005EPSS
ASUS RT-AX55βs authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...
8.8CVSS
8.9AI Score
0.001EPSS
ASUS RT-AX55βs authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...
8.8CVSS
8.9AI Score
0.001EPSS
ASUS RT-AX55βs authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system o...
8.8CVSS
8.9AI Score
0.001EPSS
ASUS RT-AX55βs authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the ...
8.8CVSS
8.9AI Score
0.001EPSS