Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for rt-ac52u_b1_firmware by asus

    CVE-2021-43702 (GCVE-0-2021-43702)

    Vulnerability from nvd – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
    VLAI
    Summary
    ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-05T11:50:03.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-43702",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
                },
                {
                  "name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
                  "refsource": "MISC",
                  "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43702",
        "datePublished": "2022-07-05T11:50:03.000Z",
        "dateReserved": "2021-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:03:08.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-46109 (GCVE-0-2021-46109)

    Vulnerability from nvd – Published: 2022-01-03 14:34 – Updated: 2024-08-04 05:02
    VLAI
    Summary
    Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T05:02:11.174Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-03T14:34:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-46109",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing",
                  "refsource": "MISC",
                  "url": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-46109",
        "datePublished": "2022-01-03T14:34:16.000Z",
        "dateReserved": "2022-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T05:02:11.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8826 (GCVE-0-2018-8826)

    Vulnerability from nvd – Published: 2018-04-20 20:00 – Updated: 2024-08-05 07:02
    VLAI
    Summary
    ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2018-03-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:02:26.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-03-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-20T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-8826",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-8826",
        "datePublished": "2018-04-20T20:00:00.000Z",
        "dateReserved": "2018-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:02:26.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43702 (GCVE-0-2021-43702)

    Vulnerability from cvelistv5 – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
    VLAI
    Summary
    ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-05T11:50:03.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-43702",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
                },
                {
                  "name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
                  "refsource": "MISC",
                  "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43702",
        "datePublished": "2022-07-05T11:50:03.000Z",
        "dateReserved": "2021-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:03:08.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-46109 (GCVE-0-2021-46109)

    Vulnerability from cvelistv5 – Published: 2022-01-03 14:34 – Updated: 2024-08-04 05:02
    VLAI
    Summary
    Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T05:02:11.174Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-03T14:34:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-46109",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing",
                  "refsource": "MISC",
                  "url": "https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-46109",
        "datePublished": "2022-01-03T14:34:16.000Z",
        "dateReserved": "2022-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-04T05:02:11.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-8826 (GCVE-0-2018-8826)

    Vulnerability from cvelistv5 – Published: 2018-04-20 20:00 – Updated: 2024-08-05 07:02
    VLAI
    Summary
    ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2018-03-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:02:26.055Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-03-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-20T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-8826",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/",
                  "refsource": "CONFIRM",
                  "url": "https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-8826",
        "datePublished": "2018-04-20T20:00:00.000Z",
        "dateReserved": "2018-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:02:26.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }