Vulnerabilities > Asus

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-09	CVE-2020-29655	Injection vulnerability in Asus Rt-Ac88U Firmware 3.0.0.4.386.46061 An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. network low complexity asus CWE-74	7.5
2020-08-26	CVE-2020-15499	Cross-site Scripting vulnerability in Asus Rt-Ac1900P Firmware 3.0.0.4.385.10000/3.0.0.4.385.20252 An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. network low complexity asus CWE-79	6.1
2020-08-26	CVE-2020-15498	Improper Certificate Validation vulnerability in Asus Rt-Ac1900P Firmware 3.0.0.4.385.10000/3.0.0.4.385.20252 An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. network high complexity asus CWE-295	5.9
2020-07-20	CVE-2020-15009	Untrusted Search Path vulnerability in Asus Screenpad2 Upgrade Tool 1.0.3 AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe in ScreenPad2_Upgrade_Tool.msi V1.0.3 for ASUS PCs with ScreenPad 1.0 (UX450FDX, UX550GDX and UX550GEX) could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name. local low complexity asus CWE-426	7.8
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-06-02	CVE-2019-17603	Out-of-bounds Write vulnerability in Asus Aura Sync 1.07.71 Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. local low complexity asus CWE-787	7.8
2020-03-25	CVE-2020-10649	Uncontrolled Search Path Element vulnerability in Asus Device Activation DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name. local low complexity asus CWE-427	7.8
2020-03-20	CVE-2018-20335	Improper Input Validation vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. network low complexity asus CWE-20	7.5
2020-03-20	CVE-2018-20334	OS Command Injection vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. network low complexity asus CWE-78 critical	9.8
2020-03-20	CVE-2018-20333	Information Exposure vulnerability in Asus Asuswrt 3.0.0.4.384.20308 An issue was discovered in ASUSWRT 3.0.0.4.384.20308. network low complexity asus CWE-200	7.5

Vulnerabilities > Asus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Asus"}]}

Vulnerabilities > Asus