Rt-ac86u Firmware Security Vulnerabilities and Issues — Rt-ac86u Firmware CVE List

Lucene search

AsusRt-ac86u Firmware

4 matches found

CVE•added 2022/07/05 12:15 p.m.•114 views

CVE-2021-43702

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.

9CVSS8.5AI score0.0052EPSS

CVE•added 2022/04/07 7:15 p.m.•78 views

CVE-2022-25595

ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a server-to-client reply attempt.

6.5CVSS6.4AI score0.00057EPSS

CVE•added 2022/04/07 7:15 p.m.•75 views

CVE-2022-25597

ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service.

8.8CVSS9.4AI score0.0017EPSS

CVE•added 2022/04/07 7:15 p.m.•70 views

CVE-2022-25596

ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service.

8.8CVSS9.2AI score0.00074EPSS