Vulnerabilities > Asus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-07 | CVE-2023-39240 | Use of Externally-Controlled Format String vulnerability in Asus products It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. | 7.2 |
| 2023-09-07 | CVE-2023-38032 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-38033 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-39236 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-39237 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. | 8.8 |
| 2023-09-07 | CVE-2023-38031 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529 ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. | 8.8 |
| 2023-08-08 | CVE-2023-39086 | Cleartext Transmission of Sensitive Information vulnerability in Asus Rt-Ac66U B1 Firmware 3.0.0.4.28651665 ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext. | 7.5 |
| 2023-07-31 | CVE-2023-34360 | Cross-site Scripting vulnerability in Asus Rt-Ax88U Firmware A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code. | 5.4 |
| 2023-07-31 | CVE-2023-34358 | Out-of-bounds Read vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. | 7.5 |
| 2023-07-31 | CVE-2023-34359 | Out-of-bounds Read vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. | 7.5 |