Vulnerabilities > CVE-2021-44158 - Improper Validation of Specified Quantity in Input vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266

CVSS 8.0 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

asus

CWE-1284

NVD

Published: 2022-01-03

Updated: 2023-06-26

Summary

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service.

Vulnerable Configurations

Part	Description	Count
OS	Asus Asus RT Ax56U Firmware 3.0.0.4.386.44266	1
Hardware	Asus Asus RT Ax56U -	1

Common Weakness Enumeration (CWE)

CWE-1284 - Improper Validation of Specified Quantity in Input

References

https://www.twcert.org.tw/tw/cp-132-5431-d23be-1.html