Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2017-17945
The ASUS HiVivo aspplication prior to 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.
Asus Hivivo
Asus Vivobaby
NA
CVE-2014-2925
Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware prior to 3.0.0.4.374.5047 allows remote malicious users to inject arbitrary web script or HTML via the current_page parameter to apply.cgi.
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Rt-ac68u Firmware
Asus Rt-ac68u Firmware 3.0.0.4.374.4755
Asus Rt-ac68u Firmware 3.0.0.4.374 4887
Asus Rt-ac68u -
7.2
CVSSv3
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbit...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
7.2
CVSSv3
CVE-2023-39239
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to ...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
7.2
CVSSv3
CVE-2023-39240
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vul...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
7.2
CVSSv3
CVE-2021-28203
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
7.2
CVSSv3
CVE-2021-28204
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28205
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28179
The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28175
The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate th...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »