Filtered by vendor Asus
Subscribe
Search
Total
77 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41437 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2023-08-08 | N/A | 6.5 MEDIUM |
| An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker. | |||||
| CVE-2023-34360 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2023-08-04 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code. | |||||
| CVE-2022-32988 | 1 Asus | 2 Dsl-n14u-b1, Dsl-n14u-b1 Firmware | 2022-07-13 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list" parameters (e.g. filter_lwlist, keyword_rulelist, etc) in every ".asp" page containing a list of stored strings. The following asp files are affected: (1) cgi-bin/APP_Installation.asp, (2) cgi-bin/Advanced_ACL_Content.asp, (3) cgi-bin/Advanced_ADSL_Content.asp, (4) cgi-bin/Advanced_ASUSDDNS_Content.asp, (5) cgi-bin/Advanced_AiDisk_ftp.asp, (6) cgi-bin/Advanced_AiDisk_samba.asp, (7) cgi-bin/Advanced_DSL_Content.asp, (8) cgi-bin/Advanced_Firewall_Content.asp, (9) cgi-bin/Advanced_FirmwareUpgrade_Content.asp, (10) cgi-bin/Advanced_GWStaticRoute_Content.asp, (11) cgi-bin/Advanced_IPTV_Content.asp, (12) cgi-bin/Advanced_IPv6_Content.asp, (13) cgi-bin/Advanced_KeywordFilter_Content.asp, (14) cgi-bin/Advanced_LAN_Content.asp, (15) cgi-bin/Advanced_Modem_Content.asp, (16) cgi-bin/Advanced_PortTrigger_Content.asp, (17) cgi-bin/Advanced_QOSUserPrio_Content.asp, (18) cgi-bin/Advanced_QOSUserRules_Content.asp, (19) cgi-bin/Advanced_SettingBackup_Content.asp, (20) cgi-bin/Advanced_System_Content.asp, (21) cgi-bin/Advanced_URLFilter_Content.asp, (22) cgi-bin/Advanced_VPN_PPTP.asp, (23) cgi-bin/Advanced_VirtualServer_Content.asp, (24) cgi-bin/Advanced_WANPort_Content.asp, (25) cgi-bin/Advanced_WAdvanced_Content.asp, (26) cgi-bin/Advanced_WMode_Content.asp, (27) cgi-bin/Advanced_WWPS_Content.asp, (28) cgi-bin/Advanced_Wireless_Content.asp, (29) cgi-bin/Bandwidth_Limiter.asp, (30) cgi-bin/Guest_network.asp, (31) cgi-bin/Main_AccessLog_Content.asp, (32) cgi-bin/Main_AdslStatus_Content.asp, (33) cgi-bin/Main_Spectrum_Content.asp, (34) cgi-bin/Main_WebHistory_Content.asp, (35) cgi-bin/ParentalControl.asp, (36) cgi-bin/QIS_wizard.asp, (37) cgi-bin/QoS_EZQoS.asp, (38) cgi-bin/aidisk.asp, (39) cgi-bin/aidisk/Aidisk-1.asp, (40) cgi-bin/aidisk/Aidisk-2.asp, (41) cgi-bin/aidisk/Aidisk-3.asp, (42) cgi-bin/aidisk/Aidisk-4.asp, (43) cgi-bin/blocking.asp, (44) cgi-bin/cloud_main.asp, (45) cgi-bin/cloud_router_sync.asp, (46) cgi-bin/cloud_settings.asp, (47) cgi-bin/cloud_sync.asp, (48) cgi-bin/device-map/DSL_dashboard.asp, (49) cgi-bin/device-map/clients.asp, (50) cgi-bin/device-map/disk.asp, (51) cgi-bin/device-map/internet.asp, (52) cgi-bin/error_page.asp, (53) cgi-bin/index.asp, (54) cgi-bin/index2.asp, (55) cgi-bin/qis/QIS_PTM_manual_setting.asp, (56) cgi-bin/qis/QIS_admin_pass.asp, (57) cgi-bin/qis/QIS_annex_setting.asp, (58) cgi-bin/qis/QIS_bridge_cfg_tmp.asp, (59) cgi-bin/qis/QIS_detect.asp, (60) cgi-bin/qis/QIS_finish.asp, (61) cgi-bin/qis/QIS_ipoa_cfg_tmp.asp, (62) cgi-bin/qis/QIS_manual_setting.asp, (63) cgi-bin/qis/QIS_mer_cfg.asp, (64) cgi-bin/qis/QIS_mer_cfg_tmp.asp, (65) cgi-bin/qis/QIS_ppp_cfg.asp, (66) cgi-bin/qis/QIS_ppp_cfg_tmp.asp, (67) cgi-bin/qis/QIS_wireless.asp, (68) cgi-bin/query_wan_status.asp, (69) cgi-bin/query_wan_status2.asp, and (70) cgi-bin/start_apply.asp. | |||||
| CVE-2022-26668 | 1 Asus | 1 Control Center | 2022-06-27 | 6.4 MEDIUM | 6.5 MEDIUM |
| ASUS Control Center API has a broken access control vulnerability. An unauthenticated remote attacker can call privileged API functions to perform partial system operations or cause partial disrupt of service. | |||||
| CVE-2022-26669 | 1 Asus | 1 Control Center | 2022-06-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data. | |||||
| CVE-2022-26673 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2022-05-04 | 3.5 LOW | 5.4 MEDIUM |
| ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform Stored Cross-Site Scripting (XSS) attacks. | |||||
| CVE-2022-22054 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2022-01-21 | 3.3 LOW | 6.5 MEDIUM |
| ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files. | |||||
| CVE-2021-46109 | 1 Asus | 1 Rt-ac52u B1 Firmware | 2022-01-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack. | |||||
| CVE-2021-37910 | 1 Asus | 10 Gt-axe11000, Gt-axe11000 Firmware, Rt-ax3000 and 7 more | 2021-11-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames. | |||||
| CVE-2021-42055 | 1 Asus | 2 Ux582lr, Ux582lr Firmware | 2021-10-22 | 4.6 MEDIUM | 6.8 MEDIUM |
| ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker. | |||||
| CVE-2019-18216 | 1 Asus | 2 Rog Zephyrus M Gm501gs, Rog Zephyrus M Gm501gs Firmware | 2021-07-21 | 7.2 HIGH | 6.8 MEDIUM |
| ** DISPUTED ** The BIOS configuration design on ASUS ROG Zephyrus M GM501GS laptops with BIOS 313 relies on the main battery instead of using a CMOS battery, which reduces the value of a protection mechanism in which booting from a USB device is prohibited. Attackers who have physical laptop access can exhaust the main battery to reset the BIOS configuration, and then achieve direct access to the hard drive by booting a live USB OS without disassembling the laptop. NOTE: the vendor has apparently indicated that this is "normal" and use of the same battery for the BIOS and the overall system is a "new design." However, the vendor apparently plans to "improve" this an unspecified later time. | |||||
| CVE-2021-28686 | 1 Asus | 1 Gputweak Ii | 2021-04-16 | 2.1 LOW | 5.5 MEDIUM |
| AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. This could enable low-privileged users to achieve Denial of Service via a DeviceIoControl. | |||||
| CVE-2021-28209 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 6.8 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files. | |||||
| CVE-2021-28208 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 6.8 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files. | |||||
| CVE-2021-28207 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 6.8 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files. | |||||
| CVE-2021-28206 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 6.8 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files. | |||||
| CVE-2021-28205 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-14 | 6.8 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files. | |||||
| CVE-2021-28202 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28201 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28200 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-14 | 4.0 MEDIUM | 4.9 MEDIUM |
| The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28199 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28198 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28197 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28196 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28195 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28176 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28194 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28193 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28192 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28191 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28190 | 1 Asus | 88 Asmb9-ikvm, Asmb9-ikvm Firmware, E700 G4 and 85 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28189 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28188 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28187 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28186 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28185 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28184 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28183 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28182 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28181 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28178 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28180 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28179 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28177 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-28175 | 1 Asus | 6 Asmb8-ikvm, Asmb8-ikvm Firmware, Z10pe-d16 Ws and 3 more | 2021-04-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service. | |||||
| CVE-2021-27404 | 1 Asus | 2 Askey Rtf8115vw, Askey Rtf8115vw Firmware | 2021-02-25 | 5.8 MEDIUM | 6.1 MEDIUM |
| Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header. | |||||
| CVE-2021-27403 | 1 Asus | 2 Askey Rtf8115vw, Askey Rtf8115vw Firmware | 2021-02-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS. | |||||
| CVE-2020-15498 | 1 Asus | 2 Rt-ac1900p, Rt-ac1900p Firmware | 2020-09-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the --no-check-certificate option passed to wget tool used to download firmware update files. | |||||
| CVE-2020-15499 | 1 Asus | 2 Rt-ac1900p, Rt-ac1900p Firmware | 2020-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. They allow XSS via spoofed Release Notes on the Firmware Upgrade page. | |||||
| CVE-2018-14992 | 1 Asus | 2 Zenfone 3 Max, Zenfone 3 Max Firmware | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm (versionCode=1510500200, versionName=1.5.0.40_171122) has an exposed interface in an exported service named com.asus.dm.installer.DMInstallerService that allows any app co-located on the device to use its capabilities to download an arbitrary app over the internet and install it. Any app on the device can send an intent with specific embedded data that will cause the com.asus.dm app to programmatically download and install the app. For the app to be downloaded and installed, certain data needs to be provided: download URL, package name, version name from the app's AndroidManifest.xml file, and the MD5 hash of the app. Moreover, any app that is installed using this method can also be programmatically uninstalled using the same unprotected component named com.asus.dm.installer.DMInstallerService. | |||||