Skip to main content

Router CVE-2025-15101

| EUVDEUVD-2025-209041 HIGH
Cross-Site Request Forgery (CSRF) (CWE-352)
2026-03-26 ASUS GHSA-x6h5-48q8-5528
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
P
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Mar 26, 2026 - 02:30 euvd
EUVD-2025-209041
Analysis Generated
Mar 26, 2026 - 02:30 vuln.today
CVE Published
Mar 26, 2026 - 02:01 nvd
HIGH 8.5

DescriptionCVE.org

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to execute system commands through unintended mechanisms. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

AnalysisAI

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Web management interface of ASUS router models that allows an unauthenticated attacker to perform actions with the privileges of an authenticated administrator, potentially including arbitrary system command execution. The vulnerability affects ASUS router products across multiple versions due to insufficient CSRF token validation in the web interface. While no CVSS score or EPSS data is currently available, the ability to execute system commands on a network-critical device represents a critical severity threat.

Technical ContextAI

This vulnerability is rooted in CWE-352 (Cross-Site Request Forgery), which occurs when a web application fails to properly implement anti-CSRF mechanisms such as synchronizer tokens, SameSite cookie attributes, or request origin validation. ASUS router web management interfaces (identified via CPE cpe:2.3:a:asus:router:*:*:*:*:*:*:*:*) handle sensitive operations including network configuration and system administration through HTTP POST requests. The lack of proper CSRF token validation allows an attacker to craft malicious web pages that, when visited by an authenticated router administrator, can trigger unintended state-changing operations and potentially escalate to remote code execution through embedded system command mechanisms.

RemediationAI

Users must apply the security firmware update provided by ASUS for their specific router model as documented in the ASUS Security Advisory at https://www.asus.com/security-advisory/. Administrators should immediately check the advisory, identify their router model, and apply the patched firmware version. As interim mitigations pending firmware availability, restrict access to the router's web management interface to trusted IP addresses only, disable remote management features if not required, enforce strong authentication credentials, and consider implementing a Web Application Firewall (WAF) or reverse proxy with CSRF token validation between users and the router interface if feasible in the network topology.

Share

CVE-2025-15101 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy