Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus asus firmware vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-28187
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abno...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4
CVSSv2
CVE-2021-28188
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the lea...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
8.5
CVSSv2
CVE-2013-5948
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware prior to 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Rt-ac68u Firmware 3.0.0.4.374 4561
Asus Rt-ac68u Firmware 3.0.0.4.374 4887
Asus Rt-ac68u Firmware 3.0.0.4.374.4755
Asus Rt-ac68u -
1 EDB exploit
3.3
CVSSv2
CVE-2015-7789
ASUS Japan WL-330NUL devices with firmware prior to 3.0.0.42 allow remote malicious users to cause a denial of service via unspecified vectors.
Asus Wl-33nul Firmware
Asus Wl-330nul
10
CVSSv2
CVE-2013-6343
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote malicious users to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
Asus Tm-ac1900 Firmware 3.0.0.4..374 979
Asus Rt-n56u Firmware 3.0.0.4..374 979
Asus Rt-ac66u Firmware 3.0.0.4..374 979
1 EDB exploit
6.8
CVSSv2
CVE-2015-2676
Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.
Asus Rt-g32 Firmware 2.0.3.2
Asus Rt-g32 Firmware 2.0.2.6
4.3
CVSSv2
CVE-2015-2681
Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm.
Asus Rt-g32 Firmware 2.0.2.6
Asus Rt-g32 Firmware 2.0.3.2
10
CVSSv2
CVE-2018-11491
ASUS HG100 devices with firmware prior to 1.05.12 allow unauthenticated access, leading to remote command execution.
Asus Hg100 Firmware
10
CVSSv2
CVE-2014-9583
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote malicious users to bypass authentication and execute...
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Wrt Firmware 3.0.0.4.376.2524-g0012f52
Asus Wrt Firmware 3.0.0.4.376 1071
2 EDB exploits
1 Github repository
4.6
CVSSv2
CVE-2021-42055
ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker.
Asus Ux582lr Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »