Vulnerabilities > Asus > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-41345 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module.
network
low complexity
asus CWE-78
8.8
8.8
2023-11-03 CVE-2023-41346 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module.
network
low complexity
asus CWE-78
8.8
8.8
2023-11-03 CVE-2023-41347 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module.
network
low complexity
asus CWE-78
8.8
8.8
2023-11-03 CVE-2023-41348 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module.
network
low complexity
asus CWE-78
8.8
8.8
2023-09-18 CVE-2023-41349 Use of Externally-Controlled Format String vulnerability in Asus Rt-Ax88U Firmware
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function.
network
low complexity
asus CWE-134
8.8
8.8
2023-09-11 CVE-2023-39780 Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated command injection vulnerability.
network
low complexity
asus CWE-77
8.8
8.8
2023-09-07 CVE-2023-39238 Use of Externally-Controlled Format String vulnerability in Asus products
It is identified a format string vulnerability in ASUS RT-AX56U V2.
network
low complexity
asus CWE-134
7.2
7.2
2023-09-07 CVE-2023-39239 Use of Externally-Controlled Format String vulnerability in Asus products
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API.
network
low complexity
asus CWE-134
7.2
7.2
2023-09-07 CVE-2023-39240 Use of Externally-Controlled Format String vulnerability in Asus products
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API.
network
low complexity
asus CWE-134
7.2
7.2
2023-09-07 CVE-2023-38032 OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529
ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character.
network
low complexity
asus CWE-78
8.8
8.8