Asus Rt-ac86u
16 CVEs affecting Asus Rt-ac86u. Latest disclosed: 2024-06-14. Critical: 2, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3080 | Critical | 9.8 | 2024-06-14 | Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device. |
CVE-2023-35087 | Critical | 9.8 | 2023-07-21 | It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking validation for a specific value when ca… |
CVE-2023-39237 | High | 8.8 | 2023-09-07 | ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exp… |
CVE-2023-39236 | High | 8.8 | 2023-09-07 | ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit… |
CVE-2023-38033 | High | 8.8 | 2023-09-07 | ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege… |
CVE-2023-38032 | High | 8.8 | 2023-09-07 | ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can explo… |
CVE-2023-38031 | High | 8.8 | 2023-09-07 | ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit t… |
CVE-2023-28702 | High | 8.8 | 2023-06-02 | ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerabil… |
CVE-2022-25597 | High | 8.8 | 2022-04-07 | ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform comm… |
CVE-2022-25596 | High | 8.8 | 2022-04-07 | ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which… |
CVE-2024-3079 | High | 7.2 | 2024-06-14 | Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands on… |
CVE-2024-0401 | High | 7.2 | 2024-05-20 | ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary op… |
CVE-2023-39239 | High | 7.2 | 2023-09-07 | It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific v… |
CVE-2023-35086 | High | 7.2 | 2023-07-21 | It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when ca… |
CVE-2023-28703 | High | 7.2 | 2023-06-02 | ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote… |
CVE-2022-25595 | Medium | 6.5 | 2022-04-07 | ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a ser… |