Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus asus firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-29772
A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware version up to and including 3.0.0.4.380.8591 allows remote malicious users to inject arbitrary web script or HTML via a malicious ne...
Asus Rt-ac51u Firmware
NA
CVE-2023-26602
ASUS ASMB8 iKVM firmware up to and including 1.14.51 allows remote malicious users to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.
Asus Asmb8-ikvm Firmware
1 Github repository
NA
CVE-2021-37315
Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version prior to 3.0.0.4.386.41634 allows remote malicious users to write arbitrary files via improper sanitation on the source for COPY and MOVE operations.
Asus Rt-ac68u Firmware
NA
CVE-2021-37317
Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version prior to 3.0.0.4.386.41634 allows remote malicious users to write arbitrary files via improper sanitation on the target for COPY and MOVE operations.
Asus Rt-ac68u Firmware
NA
CVE-2021-37316
SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version prior to 3.0.0.4.386.41634 allows remote malicious users to view sensitive information via /etc/shadow.
Asus Rt-ac68u Firmware
NA
CVE-2022-38105
An information disclosure vulnerability exists in the cm_processREQ_NC opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network req...
Asus Rt-ax82u Firmware 3.0.0.4.386 49674-ge182230
NA
CVE-2022-38393
A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet t...
Asus Rt-ax82u Firmware 3.0.0.4.386 49674-ge182230
NA
CVE-2022-35401
An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.386_49674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to e...
Asus Rt-ax82u Firmware 3.0.0.4.386 49674-ge182230
NA
CVE-2022-4221
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated malicious user to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: up to and includin...
Asus Nas-m25 Firmware
NA
CVE-2020-23648
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / start_apply.htm, an attacker can change the administrator password without any authentication.
Asus Rt-n12e Firmware 2.0.0.39
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »