Vulnerabilities > Asus > RT Ax56U Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-06 | CVE-2021-40556 | Out-of-bounds Write vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. | 8.8 |
2022-08-05 | CVE-2022-26376 | A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. | 9.8 |
2022-07-05 | CVE-2021-43702 | Cross-site Scripting vulnerability in Asus products ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). | 9.0 |
2022-04-07 | CVE-2022-23970 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. | 8.1 |
2022-04-07 | CVE-2022-23971 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. | 8.1 |
2022-04-07 | CVE-2022-23972 | SQL Injection vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. | 8.8 |
2022-04-07 | CVE-2022-23973 | Out-of-bounds Write vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.45898 ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. | 8.8 |
2022-01-14 | CVE-2022-22054 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. | 6.5 |
2022-01-03 | CVE-2021-44158 | Improper Validation of Specified Quantity in Input vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. | 8.0 |
2021-11-19 | CVE-2021-41435 | Improper Restriction of Excessive Authentication Attempts vulnerability in Asus products A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request. | 9.8 |