Skip to main content

Rt Ax55 Firmware

13 CVEs product

Monthly

CVE-2023-41348 HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-41347 HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-41346 HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-41345 HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-39780 HIGH POC KEV THREAT This Week

On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Rt Ax55 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
33.6%
CVE-2023-39240 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware Rt Ac86U Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-39239 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware Rt Ac86U Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2023-39238 HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware Rt Ac86U Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-26376 CRITICAL POC Act Now

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Asuswrt New Gen Xt8 Firmware +16
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-41436 HIGH This Week

An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Gt Ax11000 Firmware Rt Ax3000 Firmware Rt Ax55 Firmware +15
NVD VulDB
CVSS 3.1
7.5
EPSS
4.6%
CVE-2021-41435 CRITICAL Act Now

A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gt Ax11000 Firmware Rt Ax3000 Firmware Rt Ax55 Firmware Rt Ax56U Firmware +14
NVD VulDB
CVSS 3.1
9.8
EPSS
6.0%
CVE-2021-37910 MEDIUM This Month

ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users'. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gt Axe11000 Firmware Rt Ax3000 Firmware Rt Ax55 Firmware Rt Ax58U Firmware +1
NVD
CVSS 3.1
5.3
EPSS
2.4%
CVE-2021-3128 HIGH This Week

In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zenwifi Ax Xt8 Firmware Rt Ax3000 Firmware Rt Ax55 Firmware Rt Ax56U Firmware +23
NVD
CVSS 3.1
7.5
EPSS
2.2%
EPSS 1% CVSS 8.8
HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Rt Ax55 Firmware
NVD
EPSS 34% CVSS 8.8
HIGH POC KEV THREAT This Week

On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Rt Ax55 Firmware
NVD GitHub
EPSS 1% CVSS 7.2
HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

It is identified a format string vulnerability in ASUS RT-AX56U V2. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Rt Ax55 Firmware Rt Ax56U V2 Firmware +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Asuswrt +18
NVD
EPSS 5% CVSS 7.5
HIGH This Week

An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S),. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Gt Ax11000 Firmware +17
NVD VulDB
EPSS 6% CVSS 9.8
CRITICAL Act Now

A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Gt Ax11000 Firmware Rt Ax3000 Firmware +16
NVD VulDB
EPSS 2% CVSS 5.3
MEDIUM This Month

ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users'. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gt Axe11000 Firmware Rt Ax3000 Firmware +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zenwifi Ax Xt8 Firmware Rt Ax3000 Firmware +25
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy