Vulnerabilities > Asus > RT Ax55 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-41345 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module.
network
low complexity
asus CWE-78
8.8
8.8
2023-11-03 CVE-2023-41346 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module.
network
low complexity
asus CWE-78
8.8
8.8
2023-11-03 CVE-2023-41347 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module.
network
low complexity
asus CWE-78
8.8
8.8
2023-11-03 CVE-2023-41348 OS Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module.
network
low complexity
asus CWE-78
8.8
8.8
2023-09-11 CVE-2023-39780 Command Injection vulnerability in Asus Rt-Ax55 Firmware 3.0.0.4.386.51598
ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated command injection vulnerability.
network
low complexity
asus CWE-77
8.8
8.8
2022-08-05 CVE-2022-26376 A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7..
network
low complexity
asus asuswrt-merlin
critical
 9.8
9.8
2022-07-05 CVE-2021-43702 Cross-site Scripting vulnerability in Asus products
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS).
network
low complexity
asus CWE-79
critical
 9.0
9.0
2021-11-19 CVE-2021-41435 Improper Restriction of Excessive Authentication Attempts vulnerability in Asus products
A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request.
network
low complexity
asus CWE-307
critical
 9.8
9.8
2021-11-19 CVE-2021-41436 HTTP Request Smuggling vulnerability in Asus products
An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.
network
low complexity
asus CWE-444
7.5
7.5
2021-11-12 CVE-2021-37910 Unspecified vulnerability in Asus products
ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.
network
low complexity
asus
5.3
5.3