Vulnerabilities > Asus > RT Ax88U Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-31 CVE-2023-34360 Unspecified vulnerability in Asus Rt-Ax88U Firmware
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior.  After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.
network
low complexity
asus
5.4
2022-09-26 CVE-2021-41437 Injection vulnerability in Asus Rt-Ax88U Firmware
An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker.
network
low complexity
asus CWE-74
6.5