Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2021-28205
The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28181
The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage t...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
NA
CVE-2013-5948
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware prior to 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).
T-mobile Tm-ac1900 3.0.0.4.376 3169
Asus Rt-ac68u Firmware 3.0.0.4.374.4755
Asus Rt-ac68u Firmware 3.0.0.4.374 4561
Asus Rt-ac68u Firmware 3.0.0.4.374 4887
Asus Rt-ac68u -
1 EDB exploit
9.8
CVSSv3
CVE-2013-4656
Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.
Asus Rt-ac66u Firmware -
Asus Rt-n56u Firmware -
NA
CVE-2008-1491
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote malicious users to execute arbitrary code via a long string to TCP port 623.
Asus Remote Console 2.0.0.24
Asus Remote Console 2.0.0.19
2 EDB exploits
NA
CVE-2012-4924
Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote malicious users to execute arbitrary code via a long parameter to the Alert method.
Asus Net4switch 1.0.0020
Asus Ipswcom Activex Component 1.0.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2021-45756
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
Asus Rt-ac68u Firmware
Asus Rt-ac5300 Firmware
7.8
CVSSv3
CVE-2019-15405
The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app (versionCode=1570000015, versionName=7.0.0.3_1612...
Asus Pegasus 4a Firmware -
Asus Pegasus 4 Max Firmware -
7.8
CVSSv3
CVE-2019-15418
The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/CN_X00K/ASUS_X00K_1:7.0/NRD90M/CN_X00K-14.01.1711.27-20180420:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=5, versionName=5.0.1) that allows ...
Asus Pegasus 4a Firmware -
Asus Pegasus 4 Max Firmware -
7.2
CVSSv3
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbit...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »