Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus rt-ax56u firmware vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-23970
ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in...
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
6.5
CVSSv3
CVE-2022-22054
ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network malicious user to access restricted system paths and download arbitrary files.
Asus Rt-ax56u Firmware 3.0.0.4.386.44266
8.1
CVSSv3
CVE-2022-23971
ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which r...
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
8.8
CVSSv3
CVE-2022-23973
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
8.8
CVSSv3
CVE-2022-23972
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN malicious user to inject arbitrary SQL code to read, modify and delete database.
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
8
CVSSv3
CVE-2021-44158
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service.
Asus Rt-ax56u Firmware 3.0.0.4.386.44266
8.8
CVSSv3
CVE-2021-40556
A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vuln...
Asus Rt-ax56u Firmware 3.0.0.4.386.44266
7.2
CVSSv3
CVE-2023-35086
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. A remote attacker with administrato...
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
1 Github repository
9.8
CVSSv3
CVE-2023-35087
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking validation for a specific value when calling cm_processChangedConfigMsg in ccm_processREQ_CHANGED_CONFIG function in AiMesh system. An unauthenticated remot...
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
7.2
CVSSv3
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbit...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »