Search criteria
6 vulnerabilities found for RT-AX92U by ASUS
VAR-202308-3086
Vulnerability from variot - Updated: 2025-08-15 23:32ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078. ASUSTeK Computer Inc. of rt-ax92u The firmware has SQL There is an injection vulnerability.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202308-3086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-ax92u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax92u",
"scope": "eq",
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax92u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax92u",
"scope": "eq",
"trust": 0.8,
"vendor": "asustek computer",
"version": "rt-ax92u firmware 3.0.0.4.386.46061"
},
{
"model": "rt-ax92u",
"scope": null,
"trust": 0.7,
"vendor": "asus",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
}
],
"trust": 0.7
},
"cve": "CVE-2023-35720",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-35720",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-029582",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-35720",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2023-35720",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-029582",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2023-35720",
"trust": 0.7,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078. ASUSTeK Computer Inc. of rt-ax92u The firmware has SQL There is an injection vulnerability.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-35720"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "ZDI",
"id": "ZDI-23-1166"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-35720",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-23-1166",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-16078",
"trust": 0.7
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"id": "VAR-202308-3086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.45833334
},
"last_update_date": "2025-08-15T23:32:53.316000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ASUS has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/aimesh-wifi-routers-and-systems/rt-ax92u/helpdesk_bios/?model2Name=RT-AX92U"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.0
},
{
"problemtype": "SQL injection (CWE-89) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/aimesh-wifi-routers-and-systems/rt-ax92u/helpdesk_bios/?model2name=rt-ax92u"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-23-1166/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-35720"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-23T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"date": "2025-08-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"date": "2024-05-03T02:15:34.633000",
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-23T00:00:00",
"db": "ZDI",
"id": "ZDI-23-1166"
},
{
"date": "2025-08-13T01:07:00",
"db": "JVNDB",
"id": "JVNDB-2023-029582"
},
{
"date": "2025-08-12T16:36:59.460000",
"db": "NVD",
"id": "CVE-2023-35720"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUSTeK\u00a0Computer\u00a0Inc.\u00a0 of \u00a0rt-ax92u\u00a0 in the firmware \u00a0SQL\u00a0 Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-029582"
}
],
"trust": 0.8
}
}
VAR-202111-1223
Vulnerability from variot - Updated: 2024-11-23 22:33An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet. plural ASUS The product has HTTP There is a vulnerability related to request smuggling.Service operation interruption (DoS) It may be in a state. ASUS routers is a router from ASUS, Taiwan, China.
ASUS routers has a security vulnerability. The vulnerability stems from a problem with the router firmware verifying HTTP data packets. Unauthenticated remote attackers can use this vulnerability to perform denial of service attacks by sending specially crafted HTTP data packets
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202111-1223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-ax3000",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax88u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "tuf gaming ax3000",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax58u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax86s",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "zenwifi ax \\",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax82u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax56u v2",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax92u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax86u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax86u zaku ii edition",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "zenwifi xd6",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax56u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax68u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45911"
},
{
"model": "gt-ax11000",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "tuf-ax5400",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax82u gundam edition",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax55",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax58u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax56u v2",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax82u gundam edition",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax55",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax86u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax3000",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax56u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax82u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax86s",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "gt-ax11000",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "routers",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"cve": "CVE-2021-41436",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-41436",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-99877",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-41436",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-41436",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-41436",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-41436",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-99877",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202111-1643",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-41436",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
},
{
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet. plural ASUS The product has HTTP There is a vulnerability related to request smuggling.Service operation interruption (DoS) It may be in a state. ASUS routers is a router from ASUS, Taiwan, China. \n\r\n\r\nASUS routers has a security vulnerability. The vulnerability stems from a problem with the router firmware verifying HTTP data packets. Unauthenticated remote attackers can use this vulnerability to perform denial of service attacks by sending specially crafted HTTP data packets",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41436"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "VULMON",
"id": "CVE-2021-41436"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-41436",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-99877",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1643",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-41436",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
},
{
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"id": "VAR-202111-1223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
}
],
"trust": 1.09064731125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
}
]
},
"last_update_date": "2024-11-23T22:33:00.034000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RT-AX68U ASUS",
"trust": 0.8,
"url": "https://www.asus.com/jp/"
},
{
"title": "Patch for ASUS routers environmental issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/305656"
},
{
"title": "ASUS routers Remediation measures for environmental problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=171131"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/efchatz/easy-exploits "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-444",
"trust": 1.0
},
{
"problemtype": "HTTP Request Smuggling (CWE-444) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41436"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax56u/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/zenwifi-wifi-systems/asus-zenwifi-ax-xt8-/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/all-series/rt-ax55/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "http://asus.com"
},
{
"trust": 1.7,
"url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax68u/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/zenwifi-wifi-systems/asus-zenwifi-xd6/helpdesk_bios/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/efchatz/easy-exploits"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
},
{
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
},
{
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"date": "2021-11-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"date": "2022-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"date": "2021-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-1643"
},
{
"date": "2021-11-19T12:15:09.390000",
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-99877"
},
{
"date": "2021-11-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41436"
},
{
"date": "2022-11-15T07:17:00",
"db": "JVNDB",
"id": "JVNDB-2021-015289"
},
{
"date": "2021-11-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-1643"
},
{
"date": "2024-11-21T06:26:15.047000",
"db": "NVD",
"id": "CVE-2021-41436"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ASUS\u00a0 In the product \u00a0HTTP\u00a0 Request Smuggling Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-015289"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "environmental issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-1643"
}
],
"trust": 0.6
}
}
VAR-202111-1224
Vulnerability from variot - Updated: 2024-11-23 22:29A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request. plural ASUS The product contains an improper restriction of excessive authentication attempts vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202111-1224",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rt-ax3000",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax88u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "tuf gaming ax3000",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax58u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax86s",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "zenwifi ax \\",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax82u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax56u v2",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax92u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax86u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax86u zaku ii edition",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "zenwifi xd6",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax56u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax68u",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45911"
},
{
"model": "gt-ax11000",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "tuf-ax5400",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax82u gundam edition",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax55",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.45898"
},
{
"model": "rt-ax58u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax56u v2",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax82u gundam edition",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax55",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax86u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax3000",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax56u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax82u",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "rt-ax86s",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "gt-ax11000",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"cve": "CVE-2021-41435",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-41435",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-41435",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-41435",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-41435",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-41435",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202111-1641",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-41435",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
},
{
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request. plural ASUS The product contains an improper restriction of excessive authentication attempts vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41435"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "VULMON",
"id": "CVE-2021-41435"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-41435",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1641",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-41435",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
},
{
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"id": "VAR-202111-1224",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4178826414285714
},
"last_update_date": "2024-11-23T22:29:11.173000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RT-AX68U ASUS",
"trust": 0.8,
"url": "https://www.asus.com/jp/"
},
{
"title": "ASUS routers Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=171129"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/efchatz/easy-exploits "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-307",
"trust": 1.0
},
{
"problemtype": "Inappropriate limitation of excessive authentication attempts (CWE-307) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax56u/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/zenwifi-wifi-systems/asus-zenwifi-ax-xt8-/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/all-series/rt-ax55/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "http://asus.com"
},
{
"trust": 1.7,
"url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax68u/helpdesk_bios/"
},
{
"trust": 1.7,
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/zenwifi-wifi-systems/asus-zenwifi-xd6/helpdesk_bios/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41435"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/307.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/efchatz/easy-exploits"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
},
{
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
},
{
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"date": "2022-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"date": "2021-11-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-1641"
},
{
"date": "2021-11-19T12:15:09.330000",
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41435"
},
{
"date": "2022-11-15T07:22:00",
"db": "JVNDB",
"id": "JVNDB-2021-015290"
},
{
"date": "2021-11-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-1641"
},
{
"date": "2024-11-21T06:26:14.863000",
"db": "NVD",
"id": "CVE-2021-41435"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0ASUS\u00a0 Product Improper Limitation of Excessive Authentication Attempts Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-015290"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-1641"
}
],
"trust": 0.6
}
}
VAR-202207-0160
Vulnerability from variot - Updated: 2024-08-14 15:27ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device. ASUS RT-A88U is a wireless router from ASUS (ASUS) in Taiwan
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0160",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zenwifi xd4s",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ac mini",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac58u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax86u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac87u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-acrh13",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12vp b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2400",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi pro et12",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac5300",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12e c1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac55u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68uf",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi xd6",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1300g\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2200",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66u\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac56s",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax82u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1300uhp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12hp b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac85u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200g",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "tuf gaming ax3000 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac55uhp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1750 b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n14uhp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac3100",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi pro xt12",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac51u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi et8",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax92u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66w",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax68u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax58u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax55",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac3200",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi xt9",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rog rapture gt-ac5300",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1750",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax3000",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rog rapture gt-ax11000",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac56u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax89x",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi xd5",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ax hybrid",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac52u b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1900",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12\\+ b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200g\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66w",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ax mini",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200e",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2900",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac53",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac85p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n19",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68w",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200gu",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax56u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac51u\\+",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ax88u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12d1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac65p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1900u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ax",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "4g-ac68u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "zenwifi ac",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac57u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n18u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac68p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac86u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac65u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac66u b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "4g-ac53u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac2600",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac87r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-acrh17",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "tuf gaming ax5400",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n12e b1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rog rapture gt-ac2900",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200hp",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1900p",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac56r",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac88u",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-ac1200",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-n66c1",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": "3.0.0.4.386.46061"
},
{
"model": "rt-a88u 3.0.0.4.386 45898",
"scope": null,
"trust": 0.6,
"vendor": "asus",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"cve": "CVE-2021-43702",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-43702",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2022-58229",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.3,
"id": "CVE-2021-43702",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-43702",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-58229",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-389",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-43702",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device. ASUS RT-A88U is a wireless router from ASUS (ASUS) in Taiwan",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-43702"
},
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-43702",
"trust": 2.3
},
{
"db": "CNVD",
"id": "CNVD-2022-58229",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-43702",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"id": "VAR-202207-0160",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
}
],
"trust": 1.2372652696875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
}
]
},
"last_update_date": "2024-08-14T15:27:14.485000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for ASUS RT-A88U Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/345646"
},
{
"title": "ASUS RT-A88U Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=200692"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
},
{
"trust": 1.7,
"url": "https://www.asus.com/uk/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ac88u/"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-43702/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"date": "2022-07-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"date": "2022-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"date": "2022-07-05T12:15:07.830000",
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"date": "2022-07-18T00:00:00",
"db": "VULMON",
"id": "CVE-2021-43702"
},
{
"date": "2022-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-389"
},
{
"date": "2022-07-18T15:27:57.557000",
"db": "NVD",
"id": "CVE-2021-43702"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS RT-A88U Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-58229"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-389"
}
],
"trust": 0.6
}
}
CVE-2023-35720 (GCVE-0-2023-35720)
Vulnerability from nvd – Published: 2024-05-03 01:57 – Updated: 2024-08-02 16:30
VLAI?
Title
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability
Summary
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078.
Severity ?
6.5 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:asus:rt-ax92u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-ax92u_firmware",
"vendor": "asus",
"versions": [
{
"status": "affected",
"version": "3.0.0.4.386.46061"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-29T18:21:09.464940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:18:10.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1166",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1166/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/aimesh-wifi-routers-and-systems/rt-ax92u/helpdesk_bios/?model2Name=RT-AX92U"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RT-AX92U",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "3.0.0.4.386.46061"
}
]
}
],
"dateAssigned": "2023-06-15T15:31:13.927-05:00",
"datePublic": "2023-08-23T14:43:57.165-05:00",
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:57:40.156Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1166",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1166/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/aimesh-wifi-routers-and-systems/rt-ax92u/helpdesk_bios/?model2Name=RT-AX92U"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-35720",
"datePublished": "2024-05-03T01:57:40.156Z",
"dateReserved": "2023-06-15T20:23:02.753Z",
"dateUpdated": "2024-08-02T16:30:44.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35720 (GCVE-0-2023-35720)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:57 – Updated: 2024-08-02 16:30
VLAI?
Title
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability
Summary
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078.
Severity ?
6.5 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:asus:rt-ax92u_firmware:3.0.0.4.386.46061:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "rt-ax92u_firmware",
"vendor": "asus",
"versions": [
{
"status": "affected",
"version": "3.0.0.4.386.46061"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-29T18:21:09.464940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:18:10.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1166",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1166/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/aimesh-wifi-routers-and-systems/rt-ax92u/helpdesk_bios/?model2Name=RT-AX92U"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RT-AX92U",
"vendor": "ASUS",
"versions": [
{
"status": "affected",
"version": "3.0.0.4.386.46061"
}
]
}
],
"dateAssigned": "2023-06-15T15:31:13.927-05:00",
"datePublic": "2023-08-23T14:43:57.165-05:00",
"descriptions": [
{
"lang": "en",
"value": "ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:57:40.156Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1166",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1166/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.asus.com/networking-iot-servers/whole-home-mesh-wifi-system/aimesh-wifi-routers-and-systems/rt-ax92u/helpdesk_bios/?model2Name=RT-AX92U"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-35720",
"datePublished": "2024-05-03T01:57:40.156Z",
"dateReserved": "2023-06-15T20:23:02.753Z",
"dateUpdated": "2024-08-02T16:30:44.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}