Rt-ax56u Firmware@3.0.0.4.386.45898 Security Vulnerabilities and Issues — Rt-ax56u Firmware@3.0.0.4.386.45898 CVE List

Lucene search

AsusRt-ax56u Firmware3.0.0.4.386.45898

4 matches found

CVE•added 2022/04/07 7:15 p.m.•81 views

CVE-2022-23971

ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which results in service disrupt...

8.1CVSS8.1AI score0.00076EPSS

CVE•added 2022/04/07 7:15 p.m.•79 views

CVE-2022-23970

ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in service disruption.

8.1CVSS8.1AI score0.00076EPSS

CVE•added 2022/04/07 7:15 p.m.•67 views

CVE-2022-23972

ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database.

8.8CVSS9.1AI score0.00056EPSS

CVE•added 2022/04/07 7:15 p.m.•65 views

CVE-2022-23973

ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.

8.8CVSS9.2AI score0.00074EPSS