Vulnerabilities > Asus > RT Ax55 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-41345 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. | 8.8 |
| 2023-11-03 | CVE-2023-41346 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. | 8.8 |
| 2023-11-03 | CVE-2023-41347 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. | 8.8 |
| 2023-11-03 | CVE-2023-41348 | OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. | 8.8 |
| 2023-09-11 | CVE-2023-39780 | Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598 ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated command injection vulnerability. | 8.8 |
| 2023-09-07 | CVE-2023-39238 | Use of Externally-Controlled Format String vulnerability in Asus products It is identified a format string vulnerability in ASUS RT-AX56U V2. | 7.2 |
| 2023-09-07 | CVE-2023-39239 | Use of Externally-Controlled Format String vulnerability in Asus products It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. | 7.2 |
| 2023-09-07 | CVE-2023-39240 | Use of Externally-Controlled Format String vulnerability in Asus products It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. | 7.2 |
| 2022-08-05 | CVE-2022-26376 | Out-of-bounds Write vulnerability in multiple products A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. | 9.8 |
| 2022-07-05 | CVE-2021-43702 | Cross-site Scripting vulnerability in Asus products ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). | 9.0 |