Rt-ac86u Firmware@3.0.0.4 386 51529 Security Vulnerabilities and Issues — Rt-ac86u Firmware@3.0.0.4 386 51529 CVE List

Lucene search

AsusRt-ac86u Firmware3.0.0.4 386 51529

10 matches found

CVE•added 2023/09/07 8:15 a.m.•2515 views

CVE-2023-39239

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary c...

7.2CVSS7.3AI score0.01215EPSS

CVE•added 2023/09/07 8:15 a.m.•2508 views

CVE-2023-39240

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...

7.2CVSS7.3AI score0.01215EPSS

CVE•added 2023/09/07 8:15 a.m.•82 views

CVE-2023-39238

It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...

7.2CVSS7.3AI score0.03094EPSS

CVE•added 2023/07/21 7:15 a.m.•74 views

CVE-2023-35086

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. A remote attacker with administrator privilege can exploit ...

7.2CVSS7.3AI score0.75121EPSS

CVE•added 2023/09/07 4:15 a.m.•46 views

CVE-2023-38031

ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

8.8CVSS9.2AI score0.01095EPSS

CVE•added 2023/09/07 7:15 a.m.•38 views

CVE-2023-38032

ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

8.8CVSS9.2AI score0.00694EPSS

CVE•added 2023/07/21 8:15 a.m.•36 views

CVE-2023-35087

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking validation for a specific value when calling cm_processChangedConfigMsg in ccm_processREQ_CHANGED_CONFIG function in AiMesh system. An unauthenticated remote attacker can exploit t...

9.8CVSS9.7AI score0.01058EPSS

CVE•added 2023/09/07 7:15 a.m.•36 views

CVE-2023-39236

ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

8.8CVSS9.2AI score0.007EPSS

CVE•added 2023/09/07 7:15 a.m.•33 views

CVE-2023-39237

ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

8.8CVSS9.2AI score0.00601EPSS

CVE•added 2023/09/07 7:15 a.m.•32 views

CVE-2023-38033

ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

8.8CVSS9.2AI score0.007EPSS