HIGH🇵🇱 Wersja polska

CVE-2023-38031

CVSS 8.8v3.1pub. 2023-09-07upd. 2024-11-21

ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Asus Rt Ac86u

    HW
    Asus
    wszystkie wersje
  • Asus Rt Ac86u Firmware

    OS
    Asus
    3.0.0.4_386_51529
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2023-35087CRITICAL9.8ten sam produkt

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused b...

CVE-2018-20334CRITICAL9.8ten sam produkt

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is...

CVE-2018-8826CRITICAL9.8ten sam produkt

ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.38...

CVE-2018-9285CRITICAL9.8ten sam produkt

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, ...

CVE-2023-38032HIGH8.8ten sam produkt

ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remo...