Vulnerabilities > Asus > RT Ac86U Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-07 CVE-2023-39238 Use of Externally-Controlled Format String vulnerability in Asus products
It is identified a format string vulnerability in ASUS RT-AX56U V2.
network
low complexity
asus CWE-134
7.2
7.2
2023-09-07 CVE-2023-39239 Use of Externally-Controlled Format String vulnerability in Asus products
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API.
network
low complexity
asus CWE-134
7.2
7.2
2023-09-07 CVE-2023-39240 Use of Externally-Controlled Format String vulnerability in Asus products
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API.
network
low complexity
asus CWE-134
7.2
7.2
2023-09-07 CVE-2023-38032 OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529
ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character.
network
low complexity
asus CWE-78
8.8
8.8
2023-09-07 CVE-2023-38033 OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529
ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character.
network
low complexity
asus CWE-78
8.8
8.8
2023-09-07 CVE-2023-39237 OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character.
network
low complexity
asus CWE-78
8.8
8.8
2023-09-07 CVE-2023-38031 Unspecified vulnerability in Asus Rt-Ac86U Firmware 3.0.0.438651529
ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character.
network
low complexity
asus
8.8
8.8
2023-07-21 CVE-2023-35086 Use of Externally-Controlled Format String vulnerability in Asus Rt-Ac86U Firmware and Rt-Ax56U V2 Firmware
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U.
network
low complexity
asus CWE-134
7.2
7.2
2023-06-02 CVE-2023-28702 OS Command Injection vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.51255
ASUS RT-AC86U does not filter special characters for parameters in specific web URLs.
network
low complexity
asus CWE-78
8.8
8.8
2023-06-02 CVE-2023-28703 Stack-based Buffer Overflow vulnerability in Asus Rt-Ac86U Firmware 3.0.0.4.386.51255
ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length.
network
low complexity
asus CWE-121
7.2
7.2