Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbit...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
7.2
CVSSv3
CVE-2023-39239
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to ...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
7.2
CVSSv3
CVE-2023-39240
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vul...
Asus Rt-ax55 Firmware 3.0.0.4.386 50460
Asus Rt-ax56u V2 Firmware 3.0.0.4.386 50460
Asus Rt-ac86u Firmware 3.0.0.4 386 51529
4.9
CVSSv3
CVE-2021-28177
The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28179
The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28182
The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally termina...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28184
The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally te...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28185
The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
4.9
CVSSv3
CVE-2021-28186
The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage ...
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
7.2
CVSSv3
CVE-2021-28203
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary.
Asus Z10pr-d16 Firmware 1.14.51
Asus Asmb8-ikvm Firmware 1.14.51
Asus Z10pe-d16 Ws Firmware 1.14.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »