Vulnerabilities > Asus > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-05 | CVE-2021-43702 | Cross-site Scripting vulnerability in Asus products ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). | 3.5 |
| 2022-07-01 | CVE-2022-32988 | Cross-site Scripting vulnerability in Asus Dsl-N14U-B1 Firmware 1.1.2.3805 Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list" parameters (e.g. | 3.5 |
| 2022-04-22 | CVE-2022-26673 | Cross-site Scripting vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. | 3.5 |
| 2022-03-01 | CVE-2022-22262 | Link Following vulnerability in Asus ROG Live Service ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. | 3.6 |
| 2022-01-14 | CVE-2022-22054 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. | 3.3 |
| 2021-11-15 | CVE-2021-41289 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Asus P453Uj Bios 311 ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. | 3.6 |
| 2021-04-08 | CVE-2021-28686 | Out-of-bounds Write vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. | 2.1 |
| 2019-11-14 | CVE-2019-15391 | Unspecified vulnerability in Asus Zenfone 4 Selfie Firmware The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WW_Phone/ASUS_X00LD_1:8.1.0/OPM1.171019.011/15.0400.1809.405-0:user/release-keys contains a pre-installed app with a package name of com.log.logservice app (versionCode=1, versionName=1) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | 2.1 |
| 2019-11-14 | CVE-2019-15392 | Unspecified vulnerability in Asus Zenfone 4 Selfie Firmware The Asus ZenFone 4 Selfie Android device with a build fingerprint of Android/sdm660_64/sdm660_64:8.1.0/OPM1/14.2016.1802.247-20180419:user/release-keys contains a pre-installed app with a package name of com.log.logservice app (versionCode=1, versionName=1) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. | 2.1 |
| 2019-11-14 | CVE-2019-15393 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Asus Zenfone Live (L1) Firmware The Asus ZenFone Live Android device with a build fingerprint of asus/WW_Phone/ASUS_X00LD_3:7.1.1/NMF26F/14.0400.1806.203-20180720:user/release-keys contains a pre-installed app with a package name of com.asus.atd.smmitest app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. | 2.1 |