Vulnerabilities > Asus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2021-45757 | Classic Buffer Overflow vulnerability in Asus Rt-Ac68U Firmware ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS). | 7.5 |
| 2022-03-01 | CVE-2022-22262 | Link Following vulnerability in Asus ROG Live Service ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. | 7.7 |
| 2022-02-17 | CVE-2021-46247 | Use of Hard-coded Credentials vulnerability in Asus Cmax6000 Firmware 1.02.00 The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00. | 7.5 |
| 2022-01-21 | CVE-2022-21933 | Out-of-bounds Write vulnerability in Asus products ASUS VivoMini/Mini PC device has an improper input validation vulnerability. | 7.8 |
| 2022-01-03 | CVE-2021-44158 | Improper Validation of Specified Quantity in Input vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. | 8.0 |
| 2021-11-19 | CVE-2021-41436 | HTTP Request Smuggling vulnerability in Asus products An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet. | 7.5 |
| 2021-09-27 | CVE-2021-40981 | Uncontrolled Search Path Element vulnerability in Asus Armoury Crate Lite Service ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory. | 7.3 |
| 2021-04-12 | CVE-2021-3128 | Excessive Iteration vulnerability in Asus products In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. | 7.5 |
| 2021-04-08 | CVE-2021-28685 | Unspecified vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. | 7.8 |
| 2021-04-06 | CVE-2021-28204 | OS Command Injection vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. | 7.2 |