Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus asus firmware vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2021-28186
The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28188
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the lea...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
NA
CVE-2013-5948
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware prior to 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Rt-ac68u Firmware 3.0.0.4.374 4561
Asus Rt-ac68u Firmware 3.0.0.4.374 4887
Asus Rt-ac68u Firmware 3.0.0.4.374.4755
Asus Rt-ac68u -
1 EDB exploit
4.3
CVSSv3
CVE-2015-7789
ASUS Japan WL-330NUL devices with firmware prior to 3.0.0.42 allow remote malicious users to cause a denial of service via unspecified vectors.
Asus Wl-33nul Firmware
Asus Wl-330nul
NA
CVE-2013-6343
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote malicious users to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
Asus Tm-ac1900 Firmware 3.0.0.4..374 979
Asus Rt-n56u Firmware 3.0.0.4..374 979
Asus Rt-ac66u Firmware 3.0.0.4..374 979
1 EDB exploit
NA
CVE-2015-2676
Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote malicious users to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.
Asus Rt-g32 Firmware 2.0.3.2
Asus Rt-g32 Firmware 2.0.2.6
NA
CVE-2015-2681
Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm.
Asus Rt-g32 Firmware 2.0.2.6
Asus Rt-g32 Firmware 2.0.3.2
9.8
CVSSv3
CVE-2018-11491
ASUS HG100 devices with firmware prior to 1.05.12 allow unauthenticated access, leading to remote command execution.
Asus Hg100 Firmware
NA
CVE-2014-9583
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote malicious users to bypass authentication and execute...
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Wrt Firmware 3.0.0.4.376.2524-g0012f52
Asus Wrt Firmware 3.0.0.4.376 1071
2 EDB exploits
1 Github repository
6.8
CVSSv3
CVE-2021-42055
ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker.
Asus Ux582lr Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »