Skip to main content

Rt Ac68U Firmware CVE-2021-45757

HIGH
Classic Buffer Overflow (CWE-120)
2022-03-23 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 23, 2022 - 11:15 nvd
HIGH 7.5

DescriptionNVD

ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).

AnalysisAI

ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS). Affected products include: Asus Rt-Ac68U Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

CVE-2013-5948 HIGH POC
8.5 Apr 22

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware befo

CVE-2017-11420 CRITICAL POC
9.8 Jul 18

Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmw

CVE-2021-45756 CRITICAL POC
9.8 Mar 23

Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.

CVE-2018-18320 CRITICAL POC
9.8 Oct 15

An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. Rated critical severity (CVSS 9.8)

CVE-2018-18319 CRITICAL POC
9.8 Oct 15

An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. Rated critical severity (CVSS 9.8)

CVE-2018-9285 CRITICAL
9.8 Apr 04

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3

CVE-2014-2925 MEDIUM POC
4.3 Apr 22

Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers w

CVE-2017-11344 HIGH
7.8 Jul 17

Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, R

CVE-2017-11345 HIGH
7.8 Jul 17

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT

CVE-2021-3128 HIGH
7.5 Apr 12

In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386

CVE-2014-7270 MEDIUM
6.8 Feb 01

Cross-site request forgery (CSRF) vulnerability on ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlie

CVE-2014-7269 MEDIUM
6.5 Feb 01

ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with firmware 3.0.0.4.376.3715

Share

CVE-2021-45757 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy