Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for rt-ac88u_firmware by asus

    CVE-2021-43702 (GCVE-0-2021-43702)

    Vulnerability from nvd – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
    VLAI
    Summary
    ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-05T11:50:03.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-43702",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
                },
                {
                  "name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
                  "refsource": "MISC",
                  "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43702",
        "datePublished": "2022-07-05T11:50:03.000Z",
        "dateReserved": "2021-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:03:08.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3128 (GCVE-0-2021-3128)

    Vulnerability from nvd – Published: 2021-04-12 17:41 – Updated: 2024-08-03 16:45
    VLAI
    Summary
    In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/Whole… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC5300/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC88U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC3100/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC86U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC2900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1750_B1/Hel… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900P/HelpD… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900U/HelpD… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68P/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68R/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68RW/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC58U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC85U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC65U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68W/HelpDes… x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:45:51.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-12T17:41:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-3128",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-3128",
        "datePublished": "2021-04-12T17:41:07.000Z",
        "dateReserved": "2021-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:45:51.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-29656 (GCVE-0-2020-29656)

    Vulnerability from nvd – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
    VLAI
    Summary
    An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language makes it possible to reach "unknown functionality" in a "known to be easy" manner via an unspecified "public exploit."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.165677 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:55:10.668Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.165677"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-09T08:00:42.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://vuldb.com/?id.165677"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-29656",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://vuldb.com/?id.165677",
                  "refsource": "MISC",
                  "url": "https://vuldb.com/?id.165677"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-29656",
        "datePublished": "2020-12-09T08:00:42.000Z",
        "dateReserved": "2020-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:55:10.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-29655 (GCVE-0-2020-29655)

    Vulnerability from nvd – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
    VLAI
    Summary
    An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1&productname=FOOBAR&url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.165678 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:55:10.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.165678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-09T08:00:58.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://vuldb.com/?id.165678"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-29655",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://vuldb.com/?id.165678",
                  "refsource": "MISC",
                  "url": "https://vuldb.com/?id.165678"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-29655",
        "datePublished": "2020-12-09T08:00:58.000Z",
        "dateReserved": "2020-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:55:10.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-9285 (GCVE-0-2018-9285)

    Vulnerability from nvd – Published: 2018-04-04 19:00 – Updated: 2024-08-05 07:17
    VLAI
    Summary
    Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2018-04-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:17:52.082Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/zeroday/FG-VD-17-216"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-04-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-13T17:06:15.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://fortiguard.com/zeroday/FG-VD-17-216"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-9285",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html",
                  "refsource": "MISC",
                  "url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
                },
                {
                  "name": "https://fortiguard.com/zeroday/FG-VD-17-216",
                  "refsource": "MISC",
                  "url": "https://fortiguard.com/zeroday/FG-VD-17-216"
                },
                {
                  "name": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-9285",
        "datePublished": "2018-04-04T19:00:00.000Z",
        "dateReserved": "2018-04-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:17:52.082Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43702 (GCVE-0-2021-43702)

    Vulnerability from cvelistv5 – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
    VLAI
    Summary
    ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-05T11:50:03.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-43702",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
                },
                {
                  "name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
                  "refsource": "MISC",
                  "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43702",
        "datePublished": "2022-07-05T11:50:03.000Z",
        "dateReserved": "2021-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:03:08.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3128 (GCVE-0-2021-3128)

    Vulnerability from cvelistv5 – Published: 2021-04-12 17:41 – Updated: 2024-08-03 16:45
    VLAI
    Summary
    In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/Whole… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC5300/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC88U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC3100/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC86U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC2900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1750_B1/Hel… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900P/HelpD… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900U/HelpD… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68P/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68R/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68RW/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC58U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC85U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC65U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68W/HelpDes… x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:45:51.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-12T17:41:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-3128",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-3128",
        "datePublished": "2021-04-12T17:41:07.000Z",
        "dateReserved": "2021-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:45:51.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-29655 (GCVE-0-2020-29655)

    Vulnerability from cvelistv5 – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
    VLAI
    Summary
    An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1&productname=FOOBAR&url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.165678 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:55:10.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.165678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-09T08:00:58.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://vuldb.com/?id.165678"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-29655",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1\u0026productname=FOOBAR\u0026url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://vuldb.com/?id.165678",
                  "refsource": "MISC",
                  "url": "https://vuldb.com/?id.165678"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-29655",
        "datePublished": "2020-12-09T08:00:58.000Z",
        "dateReserved": "2020-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:55:10.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-29656 (GCVE-0-2020-29656)

    Vulnerability from cvelistv5 – Published: 2020-12-09 08:00 – Updated: 2024-08-04 16:55
    VLAI
    Summary
    An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language makes it possible to reach "unknown functionality" in a "known to be easy" manner via an unspecified "public exploit."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.165677 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:55:10.668Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.165677"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-09T08:00:42.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://vuldb.com/?id.165677"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-29656",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial\u0026download_type=General\u0026special_cgi=get_language makes it possible to reach \"unknown functionality\" in a \"known to be easy\" manner via an unspecified \"public exploit.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://vuldb.com/?id.165677",
                  "refsource": "MISC",
                  "url": "https://vuldb.com/?id.165677"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-29656",
        "datePublished": "2020-12-09T08:00:42.000Z",
        "dateReserved": "2020-12-09T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:55:10.668Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-9285 (GCVE-0-2018-9285)

    Vulnerability from cvelistv5 – Published: 2018-04-04 19:00 – Updated: 2024-08-05 07:17
    VLAI
    Summary
    Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2018-04-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:17:52.082Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/zeroday/FG-VD-17-216"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-04-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-13T17:06:15.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://fortiguard.com/zeroday/FG-VD-17-216"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-9285",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html",
                  "refsource": "MISC",
                  "url": "https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html"
                },
                {
                  "name": "https://fortiguard.com/zeroday/FG-VD-17-216",
                  "refsource": "MISC",
                  "url": "https://fortiguard.com/zeroday/FG-VD-17-216"
                },
                {
                  "name": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-9285",
        "datePublished": "2018-04-04T19:00:00.000Z",
        "dateReserved": "2018-04-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T07:17:52.082Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }