Vulnerabilities > Asus > RT Ac68U Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-02-03 CVE-2021-37315 Use of Incorrectly-Resolved Name or Reference vulnerability in Asus Rt-Ac68U Firmware
Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the source for COPY and MOVE operations.
network
low complexity
asus CWE-706
critical
 9.1
9.1
2023-02-03 CVE-2021-37316 SQL Injection vulnerability in Asus Rt-Ac68U Firmware
SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to view sensitive information via /etc/shadow.
network
low complexity
asus CWE-89
7.5
7.5
2023-02-03 CVE-2021-37317 Path Traversal vulnerability in Asus Rt-Ac68U Firmware
Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations.
network
low complexity
asus CWE-22
critical
 9.1
9.1
2022-07-05 CVE-2021-43702 Cross-site Scripting vulnerability in Asus products
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS).
network
low complexity
asus CWE-79
critical
 9.0
9.0
2022-03-23 CVE-2021-45756 Classic Buffer Overflow vulnerability in Asus Rt-Ac5300 Firmware and Rt-Ac68U Firmware
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
network
low complexity
asus CWE-120
critical
 9.8
9.8
2022-03-23 CVE-2021-45757 Classic Buffer Overflow vulnerability in Asus Rt-Ac68U Firmware
ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).
network
low complexity
asus CWE-120
7.5
7.5
2021-04-12 CVE-2021-3128 Excessive Iteration vulnerability in Asus products
In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router.
network
low complexity
asus CWE-834
7.5
7.5
2018-05-14 CVE-2018-0582 Cross-site Scripting vulnerability in Asus Rt-Ac68U Firmware
Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
asus CWE-79
6.1
6.1
2018-04-04 CVE-2018-9285 OS Command Injection vulnerability in Asus products
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
network
low complexity
asus CWE-78
critical
 9.8
9.8