Filtered by vendor Asus Subscriptions
Total 281 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-2925 2 Asus, T-mobile 3 Rt-ac68u, Rt-ac68u Firmware, Tm-ac1900 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote attackers to inject arbitrary web script or HTML via the current_page parameter to apply.cgi.
CVE-2014-2719 2 Asus, T-mobile 10 Rt-ac66u Firmware, Rt-ac68u, Rt-ac68u Firmware and 7 more 2024-11-21 N/A
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
CVE-2014-2718 2 Asus, T-mobile 10 Rt-ac56r, Rt-ac66r, Rt-ac66u and 7 more 2024-11-21 N/A
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
CVE-2013-7293 1 Asus 1 Wl-330nul 2024-11-21 N/A
The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname.
CVE-2013-6343 1 Asus 6 Rt-ac66u, Rt-ac66u Firmware, Rt-n56u and 3 more 2024-11-21 N/A
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
CVE-2013-5948 2 Asus, T-mobile 3 Rt-ac68u, Rt-ac68u Firmware, Tm-ac1900 2024-11-21 N/A
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).
CVE-2013-4937 1 Asus 14 Dsl-n55u, Dsl-n56u Firmware, Rt-ac66u and 11 more 2024-11-21 N/A
Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attack vectors.
CVE-2013-4659 2 Asus, Trendnet 4 Rt-ac66u, Rt-ac66u Firmware, Tew-812dru and 1 more 2024-11-21 N/A
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.
CVE-2013-4656 1 Asus 4 Rt-ac66u, Rt-ac66u Firmware, Rt-n56u and 1 more 2024-11-21 9.8 Critical
Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.
CVE-2013-3610 1 Asus 2 Rt-n10e, Rt-n10e Firmware 2024-11-21 N/A
qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.
CVE-2013-3093 1 Asus 14 Dsl-n55u, Dsl-n55u Firmware, Rt-ac66u and 11 more 2024-11-21 8.8 High
ASUS RT-N56U devices allow CSRF.
CVE-2012-4924 1 Asus 2 Ipswcom Activex Component, Net4switch 2024-11-21 N/A
Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method.
CVE-2011-4497 1 Asus 2 Rt-n56u, Rt-n56u Firmware 2024-11-21 N/A
QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4o allows remote attackers to obtain the administrator password via a flag=detect request.
CVE-2009-3093 1 Asus 1 Asus Wl-500w 2024-11-21 N/A
Unspecified vulnerability on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-3092 1 Asus 1 Asus Wl-500w 2024-11-21 N/A
Buffer overflow on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-3091 1 Asus 1 Asus Wl-330ge 2024-11-21 N/A
Unspecified vulnerability on the ASUS WL-330gE has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-0656 1 Asus 1 Smartlogon 2024-11-21 N/A
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.
CVE-2008-1491 1 Asus 1 Remote Console 2024-11-21 N/A
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.
CVE-2005-3490 1 Asus 1 Video Security Online 2024-11-21 N/A
Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL.
CVE-2005-3489 1 Asus 1 Video Security Online 2024-11-21 N/A
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.