Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv2
CVE-2022-23970
ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in...
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
4.8
CVSSv2
CVE-2022-23971
ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which r...
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
5.8
CVSSv2
CVE-2022-23972
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN malicious user to inject arbitrary SQL code to read, modify and delete database.
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
5.8
CVSSv2
CVE-2022-23973
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
7.5
CVSSv2
CVE-2021-45756
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
Asus Rt-ac68u Firmware
Asus Rt-ac5300 Firmware
7.8
CVSSv2
CVE-2021-45757
ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).
Asus Rt-ac68u Firmware
7.5
CVSSv2
CVE-2022-22814
The System Diagnosis service of MyASUS prior to 3.1.2.0 allows privilege escalation.
Asus Myasus
3.6
CVSSv2
CVE-2022-22262
ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before deletion, an unauthenticated local attacker can create an unexpected symbolic ...
Asus Rog Live Service
5
CVSSv2
CVE-2021-46247
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00.
Asus Cmax6000 Firmware 1.02.00
7.2
CVSSv2
CVE-2022-21933
ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.
Asus Vc65-c1 Firmware
Asus Pb60v Firmware
Asus Pb60g Firmware
Asus Pb60s Firmware
Asus Pa90 Firmware
Asus Pb50 Firmware
Asus Pb60 Firmware
Asus Pb61v Firmware
Asus Ts10 Firmware
Asus Pn40 Firmware
Asus Pn60 Firmware
Asus Pn30 Firmware
Asus Un65u Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »