Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for rt-ax58u_firmware by asus

    CVE-2022-26376 (GCVE-0-2022-26376)

    Vulnerability from nvd – Published: 2022-08-05 21:18 – Updated: 2025-04-15 18:53
    VLAI
    Summary
    A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Date Public
    2022-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:32.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-26376",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-15T18:18:45.679502Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-15T18:53:55.243Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Asuswrt-Merlin New Gen",
              "vendor": "Asuswrt-Merlin",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 386.7"
                }
              ]
            }
          ],
          "datePublic": "2022-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2022-26376",
        "datePublished": "2022-08-05T21:18:47.095Z",
        "dateReserved": "2022-04-05T00:00:00.000Z",
        "dateUpdated": "2025-04-15T18:53:55.243Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43702 (GCVE-0-2021-43702)

    Vulnerability from nvd – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
    VLAI
    Summary
    ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-05T11:50:03.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-43702",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
                },
                {
                  "name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
                  "refsource": "MISC",
                  "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43702",
        "datePublished": "2022-07-05T11:50:03.000Z",
        "dateReserved": "2021-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:03:08.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-41436 (GCVE-0-2021-41436)

    Vulnerability from nvd – Published: 2021-11-19 11:14 – Updated: 2024-08-04 03:15
    VLAI
    Summary
    An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:15:28.211Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://asus.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-19T11:14:09.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://asus.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-41436",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://asus.com",
                  "refsource": "MISC",
                  "url": "http://asus.com"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios",
                  "refsource": "MISC",
                  "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-41436",
        "datePublished": "2021-11-19T11:14:09.000Z",
        "dateReserved": "2021-09-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:15:28.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-41435 (GCVE-0-2021-41435)

    Vulnerability from nvd – Published: 2021-11-19 11:26 – Updated: 2024-08-04 03:15
    VLAI
    Summary
    A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:15:27.279Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://asus.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-19T11:26:30.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://asus.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-41435",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://asus.com",
                  "refsource": "MISC",
                  "url": "http://asus.com"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios",
                  "refsource": "MISC",
                  "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-41435",
        "datePublished": "2021-11-19T11:26:30.000Z",
        "dateReserved": "2021-09-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:15:27.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-37910 (GCVE-0-2021-37910)

    Vulnerability from nvd – Published: 2021-11-12 01:40 – Updated: 2024-09-16 19:05
    VLAI
    Title
    ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication
    Summary
    ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.
    CWE
    • CWE-799 - Improper Control of Interaction Frequency
    Assigner
    References
    Impacted products
    Vendor Product Version
    ASUS GT-AXE11000 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS RT-AX3000 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS RT-AX55 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS RT-AX58U Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS TUF-AX3000 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    Date Public
    2021-11-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:30:09.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "GT-AXE11000",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RT-AX3000",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RT-AX55",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RT-AX58U",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "TUF-AX3000",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users\u0027 connections by sending specially crafted SAE authentication frames."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-799",
                  "description": "CWE-799 Improper Control of Interaction Frequency",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-12T01:40:13.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update Routes firmware to last version:\nASUS GT-AXE11000 v3.0.0.4.386.45898\nASUS RT-AX3000 v3.0.0.4.386.45898\nASUS RT-AX55 v3.0.0.4.386.45898\nASUS RT-AX58U v3.0.0.4.386.45898\nASUS TUF-AX3000 v3.0.0.4.386.45898"
            }
          ],
          "source": {
            "advisory": "TVN-202109034",
            "discovery": "EXTERNAL"
          },
          "title": "ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "TWCERT/CC",
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2021-11-12T07:06:00.000Z",
              "ID": "CVE-2021-37910",
              "STATE": "PUBLIC",
              "TITLE": "ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "GT-AXE11000",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RT-AX3000",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RT-AX55",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RT-AX58U",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "TUF-AX3000",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ASUS"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users\u0027 connections by sending specially crafted SAE authentication frames."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-799 Improper Control of Interaction Frequency"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html",
                  "refsource": "MISC",
                  "url": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update Routes firmware to last version:\nASUS GT-AXE11000 v3.0.0.4.386.45898\nASUS RT-AX3000 v3.0.0.4.386.45898\nASUS RT-AX55 v3.0.0.4.386.45898\nASUS RT-AX58U v3.0.0.4.386.45898\nASUS TUF-AX3000 v3.0.0.4.386.45898"
              }
            ],
            "source": {
              "advisory": "TVN-202109034",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2021-37910",
        "datePublished": "2021-11-12T01:40:13.569Z",
        "dateReserved": "2021-08-02T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:05:28.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3128 (GCVE-0-2021-3128)

    Vulnerability from nvd – Published: 2021-04-12 17:41 – Updated: 2024-08-03 16:45
    VLAI
    Summary
    In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/Whole… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC5300/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC88U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC3100/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC86U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC2900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1750_B1/Hel… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900P/HelpD… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900U/HelpD… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68P/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68R/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68RW/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC58U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC85U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC65U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68W/HelpDes… x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:45:51.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-12T17:41:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-3128",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-3128",
        "datePublished": "2021-04-12T17:41:07.000Z",
        "dateReserved": "2021-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:45:51.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26376 (GCVE-0-2022-26376)

    Vulnerability from cvelistv5 – Published: 2022-08-05 21:18 – Updated: 2025-04-15 18:53
    VLAI
    Summary
    A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Date Public
    2022-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T05:03:32.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-26376",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-15T18:18:45.679502Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-15T18:53:55.243Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Asuswrt-Merlin New Gen",
              "vendor": "Asuswrt-Merlin",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 386.7"
                }
              ]
            }
          ],
          "datePublic": "2022-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-07T00:00:00.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2022-26376",
        "datePublished": "2022-08-05T21:18:47.095Z",
        "dateReserved": "2022-04-05T00:00:00.000Z",
        "dateUpdated": "2025-04-15T18:53:55.243Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43702 (GCVE-0-2021-43702)

    Vulnerability from cvelistv5 – Published: 2022-07-05 11:50 – Updated: 2024-08-04 04:03
    VLAI
    Summary
    ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.643Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-05T11:50:03.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-43702",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/"
                },
                {
                  "name": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch",
                  "refsource": "MISC",
                  "url": "https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43702",
        "datePublished": "2022-07-05T11:50:03.000Z",
        "dateReserved": "2021-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:03:08.643Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-41435 (GCVE-0-2021-41435)

    Vulnerability from cvelistv5 – Published: 2021-11-19 11:26 – Updated: 2024-08-04 03:15
    VLAI
    Summary
    A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:15:27.279Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://asus.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-19T11:26:30.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://asus.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-41435",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://asus.com",
                  "refsource": "MISC",
                  "url": "http://asus.com"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios",
                  "refsource": "MISC",
                  "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-41435",
        "datePublished": "2021-11-19T11:26:30.000Z",
        "dateReserved": "2021-09-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:15:27.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-41436 (GCVE-0-2021-41436)

    Vulnerability from cvelistv5 – Published: 2021-11-19 11:14 – Updated: 2024-08-04 03:15
    VLAI
    Summary
    An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:15:28.211Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://asus.com"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-19T11:14:09.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://asus.com"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-41436",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://asus.com",
                  "refsource": "MISC",
                  "url": "http://asus.com"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios",
                  "refsource": "MISC",
                  "url": "https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-41436",
        "datePublished": "2021-11-19T11:14:09.000Z",
        "dateReserved": "2021-09-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T03:15:28.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-37910 (GCVE-0-2021-37910)

    Vulnerability from cvelistv5 – Published: 2021-11-12 01:40 – Updated: 2024-09-16 19:05
    VLAI
    Title
    ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication
    Summary
    ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.
    CWE
    • CWE-799 - Improper Control of Interaction Frequency
    Assigner
    References
    Impacted products
    Vendor Product Version
    ASUS GT-AXE11000 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS RT-AX3000 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS RT-AX55 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS RT-AX58U Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    ASUS TUF-AX3000 Affected: unspecified , < 3.0.0.4.386.45898 (custom)
    Create a notification for this product.
    Date Public
    2021-11-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:30:09.144Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "GT-AXE11000",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RT-AX3000",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RT-AX55",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RT-AX58U",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "TUF-AX3000",
              "vendor": "ASUS",
              "versions": [
                {
                  "lessThan": "3.0.0.4.386.45898",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users\u0027 connections by sending specially crafted SAE authentication frames."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-799",
                  "description": "CWE-799 Improper Control of Interaction Frequency",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-12T01:40:13.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update Routes firmware to last version:\nASUS GT-AXE11000 v3.0.0.4.386.45898\nASUS RT-AX3000 v3.0.0.4.386.45898\nASUS RT-AX55 v3.0.0.4.386.45898\nASUS RT-AX58U v3.0.0.4.386.45898\nASUS TUF-AX3000 v3.0.0.4.386.45898"
            }
          ],
          "source": {
            "advisory": "TVN-202109034",
            "discovery": "EXTERNAL"
          },
          "title": "ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "TWCERT/CC",
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2021-11-12T07:06:00.000Z",
              "ID": "CVE-2021-37910",
              "STATE": "PUBLIC",
              "TITLE": "ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "GT-AXE11000",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RT-AX3000",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RT-AX55",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RT-AX58U",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "TUF-AX3000",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "3.0.0.4.386.45898"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ASUS"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users\u0027 connections by sending specially crafted SAE authentication frames."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-799 Improper Control of Interaction Frequency"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html",
                  "refsource": "MISC",
                  "url": "https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update Routes firmware to last version:\nASUS GT-AXE11000 v3.0.0.4.386.45898\nASUS RT-AX3000 v3.0.0.4.386.45898\nASUS RT-AX55 v3.0.0.4.386.45898\nASUS RT-AX58U v3.0.0.4.386.45898\nASUS TUF-AX3000 v3.0.0.4.386.45898"
              }
            ],
            "source": {
              "advisory": "TVN-202109034",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2021-37910",
        "datePublished": "2021-11-12T01:40:13.569Z",
        "dateReserved": "2021-08-02T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:05:28.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-3128 (GCVE-0-2021-3128)

    Vulnerability from cvelistv5 – Published: 2021-04-12 17:41 – Updated: 2024-08-03 16:45
    VLAI
    Summary
    In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/Whole… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC5300/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC88U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC3100/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC86U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC2900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1750_B1/Hel… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900P/HelpD… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC1900U/HelpD… x_refsource_MISC
    https://www.asus.com/Networking-IoT-Servers/WiFi-… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68P/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68R/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68RW/HelpDe… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC58U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC85U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC65U/HelpDes… x_refsource_MISC
    https://www.asus.com/supportonly/RT-AC68W/HelpDes… x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:45:51.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-12T17:41:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-3128",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware \u003c 3.0.0.4.386.42095 or \u003c 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP\u0027s router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/"
                },
                {
                  "name": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/",
                  "refsource": "MISC",
                  "url": "https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-3128",
        "datePublished": "2021-04-12T17:41:07.000Z",
        "dateReserved": "2021-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:45:51.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }