CVE-2023-28703 – ASUS RT-AC86U - Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-28703
A specific CGI function in the ASUS RT-AC86U has a stack-based buffer overflow vulnerability due to insufficient validation of the network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt the system, or terminate services.
• https://www.twcert.org.tw/tw/cp-132-7147-afcf9-1.html
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2023-29772
https://notcve.org/view.php?id=CVE-2023-29772
A cross-site scripting (XSS) vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware versions up to and including 3.0.0.4.380.8591 allows remote attackers to inject arbitrary web script or HTML via a malicious network request.
• https://gitlab.com/donnm/cves/-/blob/master/xss_rtac51u_syslog.md
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-26602 – ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root
https://notcve.org/view.php?id=CVE-2023-26602
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffer from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account.
• https://github.com/D1G17/CVE-2023-26602
• http://packetstormsecurity.com/files/171137/ASUS-ASMB8-iKVM-1.14.51-SNMP-Remote-Root.html
• http://seclists.org/fulldisclosure/2023/Feb/15
• https://nwsec.de/NWSSA-002-2023.txt
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-42455
https://notcve.org/view.php?id=CVE-2022-42455
ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.
• https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0003.md
CVE-2021-37316
https://notcve.org/view.php?id=CVE-2021-37316
SQL injection vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to view sensitive information via /etc/shadow.
• https://robertchen.cc/blog/2021/03/31/asus-rce
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')