Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-2925
Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware prior to 3.0.0.4.374.5047 allows remote malicious users to inject arbitrary web script or HTML via the current_page parameter to apply.cgi.
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Rt-ac68u Firmware
Asus Rt-ac68u Firmware 3.0.0.4.374.4755
Asus Rt-ac68u Firmware 3.0.0.4.374 4887
Asus Rt-ac68u -
5
CVSSv2
CVE-2018-8878
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware prior to 3.0.0.4.382.50470 for devices allows remote malicious users to acquire information on internal network devices' hostnames and MAC addresses by reading the custom_id...
Asuswrt-merlin Asuswrt-merlin
Asus Asus Firmware
5
CVSSv2
CVE-2018-8877
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware prior to 3.0.0.4.382.50470 for devices allows remote malicious users to acquire information on internal network IP address ranges by reading the new_lan_ip variable on the error_...
Asus Asus Firmware
Asuswrt-merlin Asuswrt-merlin
3.3
CVSSv2
CVE-2015-7789
ASUS Japan WL-330NUL devices with firmware prior to 3.0.0.42 allow remote malicious users to cause a denial of service via unspecified vectors.
Asus Wl-33nul Firmware
Asus Wl-330nul
4
CVSSv2
CVE-2021-28175
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate th...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4
CVSSv2
CVE-2021-28176
The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the W...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4
CVSSv2
CVE-2021-28186
The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4
CVSSv2
CVE-2021-28187
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abno...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
6.5
CVSSv2
CVE-2021-28203
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4
CVSSv2
CVE-2021-28177
The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »