CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

asus

rt-ac87u_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2018-9285

CRITICAL9.8

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.

asus / rt-ac66u_firmware+10

Network

Published Apr 4, 2018

CVE-2023-47678

CRITICAL9.1

An improper access control vulnerability exists in RT-AC87U all versions. An attacker may read or write files that are not intended to be accessed by connecting to a target device via tftp.

asus / rt-ac87u_firmware

Network

Published Nov 15, 2023

CVE-2021-43702

CRITICAL9.0

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.

asus / zenwifi_xd4s_firmware+93

Network

Published Jul 5, 2022

CVE-2018-0581

MEDIUM6.1

Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

asus / rt-ac87u_firmware

Network

Published May 14, 2018