Vulnerabilities > Asus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-20 | CVE-2022-26668 | Incorrect Authorization vulnerability in Asus Control Center 1.4.2.5 ASUS Control Center API has a broken access control vulnerability. | 6.5 |
| 2022-06-20 | CVE-2022-26669 | SQL Injection vulnerability in Asus Control Center 1.4.2.5 ASUS Control Center is vulnerable to SQL injection. | 6.5 |
| 2022-04-22 | CVE-2022-26673 | Cross-site Scripting vulnerability in Asus Rt-Ax88U Firmware ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. | 5.4 |
| 2022-04-07 | CVE-2022-25595 | Improper Input Validation vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.45956 ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a server-to-client reply attempt. | 6.5 |
| 2022-01-14 | CVE-2022-22054 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. | 6.5 |
| 2022-01-03 | CVE-2021-46109 | Cross-site Scripting vulnerability in Asus Rt-Ac52U B1 Firmware 3.0.0.4.380.10931 Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack. | 6.1 |
| 2021-11-15 | CVE-2021-41289 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Asus P453Uj Bios 311 ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. | 6.3 |
| 2021-11-12 | CVE-2021-37910 | Improper Control of Interaction Frequency vulnerability in Asus products ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames. | 5.3 |
| 2021-10-18 | CVE-2021-42055 | Incorrect Default Permissions vulnerability in Asus Ux582Lr Firmware 302 ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker. | 6.8 |
| 2021-04-08 | CVE-2021-28686 | Out-of-bounds Write vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. | 5.5 |