Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-34942
Asus RT-N10LX Router v2.0.0.39 exists to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Asus Rt-n10lx Firmware 2.0.0.39
8.8
CVSSv3
CVE-2023-28702
ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands, disrupt system or terminate service.
Asus Rt-ac86u Firmware 3.0.0.4.386.51255
7.2
CVSSv3
CVE-2023-28703
ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrup...
Asus Rt-ac86u Firmware 3.0.0.4.386.51255
5.2
CVSSv3
CVE-2023-29772
A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware version up to and including 3.0.0.4.380.8591 allows remote malicious users to inject arbitrary web script or HTML via a malicious ne...
Asus Rt-ac51u Firmware
6.8
CVSSv3
CVE-2023-1079
A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct...
Linux Linux Kernel
9.8
CVSSv3
CVE-2023-26602
ASUS ASMB8 iKVM firmware up to and including 1.14.51 allows remote malicious users to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.
Asus Asmb8-ikvm Firmware
1 Github repository
7.8
CVSSv3
CVE-2022-42455
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCT...
Asus Armoury Crate
9.1
CVSSv3
CVE-2021-37315
Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version prior to 3.0.0.4.386.41634 allows remote malicious users to write arbitrary files via improper sanitation on the source for COPY and MOVE operations.
Asus Rt-ac68u Firmware
7.5
CVSSv3
CVE-2021-37316
SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version prior to 3.0.0.4.386.41634 allows remote malicious users to view sensitive information via /etc/shadow.
Asus Rt-ac68u Firmware
9.1
CVSSv3
CVE-2021-37317
Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version prior to 3.0.0.4.386.41634 allows remote malicious users to write arbitrary files via improper sanitation on the target for COPY and MOVE operations.
Asus Rt-ac68u Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »