Vulnerabilities > Asus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2023-34360 | Cross-site Scripting vulnerability in Asus Rt-Ax88U Firmware A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code. | 5.4 |
| 2023-07-31 | CVE-2023-34358 | Out-of-bounds Read vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. | 7.5 |
| 2023-07-31 | CVE-2023-34359 | Out-of-bounds Read vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. | 7.5 |
| 2023-07-26 | CVE-2023-26911 | Unquoted Search Path or Element vulnerability in Asus Armoury Crate and Setupasusservices ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. | 7.8 |
| 2023-07-21 | CVE-2023-35087 | Use of Externally-Controlled Format String vulnerability in Asus Rt-Ac86U Firmware and Rt-Ax56U V2 Firmware It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. | 9.8 |
| 2023-07-21 | CVE-2023-35086 | Use of Externally-Controlled Format String vulnerability in Asus Rt-Ac86U Firmware and Rt-Ax56U V2 Firmware It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. | 7.2 |
| 2023-06-13 | CVE-2023-31195 | Cleartext Transmission of Sensitive Information vulnerability in Asus Rt-Ax3000 Firmware 3.0.0.4.38410177/3.0.0.4.386.46061 ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. | 5.3 |
| 2023-06-12 | CVE-2023-34940 | Out-of-bounds Write vulnerability in Asus Rt-N10Lx Firmware 2.0.0.39 Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. | 7.5 |
| 2023-06-12 | CVE-2023-34941 | Cross-site Scripting vulnerability in Asus Rt-N10Lx Firmware 2.0.0.39 A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. | 5.4 |
| 2023-06-12 | CVE-2023-34942 | Out-of-bounds Write vulnerability in Asus Rt-N10Lx Firmware 2.0.0.39 Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. | 7.5 |