A stored cross-site scripting (XSS) issue exists within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asus rt-ax88u_firmware |