Vulnerabilities > Asus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-26 | CVE-2023-26911 | Unquoted Search Path or Element vulnerability in Asus Armoury Crate and Setupasusservices ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. | 7.8 |
| 2023-07-21 | CVE-2023-35087 | Use of Externally-Controlled Format String vulnerability in Asus Rt-Ac86U Firmware and Rt-Ax56U V2 Firmware It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. | 9.8 |
| 2023-07-21 | CVE-2023-35086 | Use of Externally-Controlled Format String vulnerability in Asus Rt-Ac86U Firmware and Rt-Ax56U V2 Firmware It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. | 7.2 |
| 2023-06-13 | CVE-2023-31195 | Cleartext Transmission of Sensitive Information vulnerability in Asus Rt-Ax3000 Firmware 3.0.0.4.38410177/3.0.0.4.386.46061 ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. | 5.3 |
| 2023-06-12 | CVE-2023-34940 | Out-of-bounds Write vulnerability in Asus Rt-N10Lx Firmware 2.0.0.39 Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. | 7.5 |
| 2023-06-12 | CVE-2023-34941 | Cross-site Scripting vulnerability in Asus Rt-N10Lx Firmware 2.0.0.39 A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. | 5.4 |
| 2023-06-12 | CVE-2023-34942 | Out-of-bounds Write vulnerability in Asus Rt-N10Lx Firmware 2.0.0.39 Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. | 7.5 |
| 2023-06-02 | CVE-2023-28702 | OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.51255 ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. | 8.8 |
| 2023-06-02 | CVE-2023-28703 | Out-of-bounds Write vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.51255 ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. | 7.2 |
| 2023-05-02 | CVE-2023-29772 | Cross-site Scripting vulnerability in Asus Rt-Ac51U Firmware 3.0.0.4.380.8228 A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware version up to and including 3.0.0.4.380.8591 allows remote attackers to inject arbitrary web script or HTML via a malicious network request. | 5.2 |