Vulnerabilities > Asus > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-14 | CVE-2022-22054 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. | 6.5 |
2022-01-03 | CVE-2021-46109 | Cross-site Scripting vulnerability in Asus Rt-Ac52U B1 Firmware 3.0.0.4.380.10931 Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack. | 6.1 |
2021-11-12 | CVE-2021-37910 | Unspecified vulnerability in Asus products ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames. | 5.3 |
2021-10-18 | CVE-2021-42055 | Incorrect Default Permissions vulnerability in Asus Ux582Lr Firmware 302 ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker. | 6.8 |
2021-04-08 | CVE-2021-28686 | Out-of-bounds Write vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. | 5.5 |
2021-04-06 | CVE-2021-28209 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. | 4.9 |
2021-04-06 | CVE-2021-28208 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. | 4.9 |
2021-04-06 | CVE-2021-28207 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. | 4.9 |
2021-04-06 | CVE-2021-28206 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. | 4.9 |
2021-04-06 | CVE-2021-28205 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. | 4.9 |