Lucene search

K
AsusRt-ax55 Firmware

8 matches found

CVE
CVE
added 2023/09/07 8:15 a.m.2515 views

CVE-2023-39239

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary c...

7.2CVSS7.3AI score0.00848EPSS
CVE
CVE
added 2023/09/07 8:15 a.m.2508 views

CVE-2023-39240

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...

7.2CVSS7.3AI score0.00848EPSS
CVE
CVE
added 2023/09/11 7:15 p.m.158 views

CVE-2023-39780

On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see CVE-2023-41346; for the...

8.8CVSS9AI score0.70185EPSS
CVE
CVE
added 2023/11/03 5:15 a.m.138 views

CVE-2023-41346

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...

8.8CVSS9.1AI score0.00598EPSS
CVE
CVE
added 2023/11/03 5:15 a.m.128 views

CVE-2023-41345

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...

8.8CVSS9.1AI score0.00598EPSS
CVE
CVE
added 2023/11/03 5:15 a.m.111 views

CVE-2023-41347

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system o...

8.8CVSS9.1AI score0.00598EPSS
CVE
CVE
added 2023/11/03 5:15 a.m.106 views

CVE-2023-41348

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the ...

8.8CVSS9.1AI score0.00598EPSS
CVE
CVE
added 2023/09/07 8:15 a.m.82 views

CVE-2023-39238

It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...

7.2CVSS7.3AI score0.03383EPSS