CVE-2021-37910
ASUS GT-AXE11000, RT-AX3000, RT-AX55, RT-AX58U, TUF-AX3000 - Improper Authentication
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.
El protocolo de acceso protegido Wi-Fi de los routers ASUS (WPA2 y WPA3-SAE), presenta un control inapropiado de la vulnerabilidad de la frecuencia de interacción, un atacante no autenticado puede desconectar remotamente las conexiones de otros usuarios enviando tramas de autenticación SAE especialmente diseñadas
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-08-02 CVE Reserved
- 2021-11-12 CVE Published
- 2024-07-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-799: Improper Control of Interaction Frequency
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Asus Search vendor "Asus" | Gt-axe11000 Firmware Search vendor "Asus" for product "Gt-axe11000 Firmware" | < 3.0.0.4.386.45898 Search vendor "Asus" for product "Gt-axe11000 Firmware" and version " < 3.0.0.4.386.45898" | - |
Affected
| in | Asus Search vendor "Asus" | Gt-axe11000 Search vendor "Asus" for product "Gt-axe11000" | - | - |
Safe
|
| Asus Search vendor "Asus" | Rt-ax3000 Firmware Search vendor "Asus" for product "Rt-ax3000 Firmware" | < 3.0.0.4.386.45898 Search vendor "Asus" for product "Rt-ax3000 Firmware" and version " < 3.0.0.4.386.45898" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax3000 Search vendor "Asus" for product "Rt-ax3000" | - | - |
Safe
|
| Asus Search vendor "Asus" | Rt-ax55 Firmware Search vendor "Asus" for product "Rt-ax55 Firmware" | < 3.0.0.4.386.45898 Search vendor "Asus" for product "Rt-ax55 Firmware" and version " < 3.0.0.4.386.45898" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax55 Search vendor "Asus" for product "Rt-ax55" | - | - |
Safe
|
| Asus Search vendor "Asus" | Rt-ax58u Firmware Search vendor "Asus" for product "Rt-ax58u Firmware" | < 3.0.0.4.386.45898 Search vendor "Asus" for product "Rt-ax58u Firmware" and version " < 3.0.0.4.386.45898" | - |
Affected
| in | Asus Search vendor "Asus" | Rt-ax58u Search vendor "Asus" for product "Rt-ax58u" | - | - |
Safe
|
| Asus Search vendor "Asus" | Tuf-ax3000 Firmware Search vendor "Asus" for product "Tuf-ax3000 Firmware" | < 3.0.0.4.386.45898 Search vendor "Asus" for product "Tuf-ax3000 Firmware" and version " < 3.0.0.4.386.45898" | - |
Affected
| in | Asus Search vendor "Asus" | Tuf-ax3000 Search vendor "Asus" for product "Tuf-ax3000" | - | - |
Safe
|