Asus Router
12 CVEs affecting Asus Router. Latest disclosed: 2026-03-26. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-15101 | High | 8.8 | 2026-03-26 | An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbit… |
CVE-2024-13062 | High | 7.2 | 2025-01-02 | An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/202… |
CVE-2024-12912 | High | 7.2 | 2025-01-02 | An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiC… |
CVE-2025-59372 | | 2025-11-25 | A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files o… | |
CVE-2025-59371 | | 2025-11-25 | An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability… | |
CVE-2025-59370 | | 2025-11-25 | A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbit… | |
CVE-2025-59369 | | 2025-11-25 | A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary… | |
CVE-2025-59368 | | 2025-11-25 | An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, poten… | |
CVE-2025-12003 | | 2025-11-25 | A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to… | |
CVE-2025-59365 | | 2025-11-25 | A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a craft… | |
CVE-2025-59366 | | 2025-11-25 | An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentia… | |
CVE-2025-2492 | | 2025-04-18 | An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthoriz… |