Vulnerabilities > Asus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-20 | CVE-2022-26668 | Incorrect Authorization vulnerability in Asus Control Center 1.4.2.5 ASUS Control Center API has a broken access control vulnerability. | 6.4 |
2022-06-20 | CVE-2022-26669 | SQL Injection vulnerability in Asus Control Center 1.4.2.5 ASUS Control Center is vulnerable to SQL injection. | 4.0 |
2022-06-17 | CVE-2022-31874 | Command Injection vulnerability in Asus Rt-N53 Firmware 3.0.0.4.376.3754 ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of the apply.cgi interface. | 7.5 |
2022-05-11 | CVE-2021-3254 | Unspecified vulnerability in Asus Dsl-N14U-B1 Firmware 1.1.2.3805 Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. | 7.8 |
2022-04-22 | CVE-2022-26672 | Use of Hard-coded Credentials vulnerability in Asus Webstorage ASUS WebStorage has a hardcoded API Token in the APP source code. | 7.5 |
2022-04-22 | CVE-2022-26673 | Cross-site Scripting vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. | 3.5 |
2022-04-22 | CVE-2022-26674 | Use of Externally-Controlled Format String vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service. | 7.5 |
2022-04-07 | CVE-2022-23970 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. | 4.8 |
2022-04-07 | CVE-2022-23971 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. | 4.8 |
2022-04-07 | CVE-2022-23972 | SQL Injection vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. | 5.8 |