Vulnerabilities > Asus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-11 | CVE-2021-3254 | Unspecified vulnerability in Asus Dsl-N14U-B1 Firmware 1.1.2.3805 Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap. | 7.5 |
| 2022-04-07 | CVE-2022-23970 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. | 8.1 |
| 2022-04-07 | CVE-2022-23971 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. | 8.1 |
| 2022-04-07 | CVE-2022-23972 | SQL Injection vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. | 8.8 |
| 2022-04-07 | CVE-2022-23973 | Out-of-bounds Write vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. | 8.8 |
| 2022-04-07 | CVE-2022-25596 | Out-of-bounds Write vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.45956 ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service. | 8.8 |
| 2022-04-07 | CVE-2022-25597 | Unspecified vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.45956 ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service. low complexity asus | 8.8 |
| 2022-03-23 | CVE-2021-45757 | Classic Buffer Overflow vulnerability in Asus Rt-Ac68U Firmware ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS). | 7.5 |
| 2022-03-01 | CVE-2022-22262 | Link Following vulnerability in Asus ROG Live Service ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. | 7.7 |
| 2022-02-17 | CVE-2021-46247 | Use of Hard-coded Credentials vulnerability in Asus Cmax6000 Firmware 1.02.00 The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00. | 7.5 |