Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-26674
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote malicious user to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service.
Asus Rt-ax88u Firmware
7.5
CVSSv2
CVE-2022-26672
ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote attacker can use this token to establish connections with the server and carry out login attempts to general user accounts. A successful login to a general user account allows the maliciou...
Asus Webstorage
5.8
CVSSv2
CVE-2022-25596
ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN malicious user to execute arbitrary code, perform arbitrary operations and disrupt s...
Asus Rt-ac86u Firmware 3.0.0.4.386.45956
6.1
CVSSv2
CVE-2022-25595
ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN malicious user to cause a denial of service by sending particular request a server-to-client reply attempt.
Asus Rt-ac86u Firmware 3.0.0.4.386.45956
5.8
CVSSv2
CVE-2022-25597
ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN malicious user to perform command injection attack, execute arbitrary commands and disrupt or terminate service.
Asus Rt-ac86u Firmware 3.0.0.4.386.45956
4.8
CVSSv2
CVE-2022-23970
ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in...
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
4.8
CVSSv2
CVE-2022-23971
ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which r...
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
5.8
CVSSv2
CVE-2022-23972
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN malicious user to inject arbitrary SQL code to read, modify and delete database.
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
5.8
CVSSv2
CVE-2022-23973
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.
Asus Rt-ax56u Firmware 3.0.0.4.386.45898
7.5
CVSSv2
CVE-2021-45756
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
Asus Rt-ac68u Firmware
Asus Rt-ac5300 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »