SQL Injection in Asus Router
CVE-2025-59369
A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Updat…
Vulnerability class: SQL Injection
EPSS: 0.001 (29.4th percentile) — read the EPSS interpretation.
Affected products
- Asus Router — versions 3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102
Weakness classification (CWE)
References
- www.asus.com/security-advisory/ (vendor-advisory)