Asus Rt-ac86u Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Asus Rt-ac86u Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2018-8826 — CVSS 9.8 (critical): ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1…
CVE-2018-9285 — CVSS 9.8 (critical): Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before…
CVE-2023-35087 — CVSS 9.8 (critical): It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking validation for a…
CVE-2021-43702 — CVSS 9.0 (critical): ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs…
CVE-2022-25597 — CVSS 8.8 (high): ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN…
CVE-2023-28702 — CVSS 8.8 (high): ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can…
CVE-2023-38032 — CVSS 8.8 (high): ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user…
CVE-2023-39236 — CVSS 8.8 (high): ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user…
CVE-2023-39237 — CVSS 8.8 (high): ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular…
CVE-2022-25596 — CVSS 8.8 (high): ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption…
CVE-2023-38033 — CVSS 8.8 (high): ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with…
CVE-2023-38031 — CVSS 8.8 (high): ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user…
CVE-2021-3128 — CVSS 7.5 (high): In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6…
CVE-2023-39240 — CVSS 7.2 (high): It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking…
CVE-2023-28703 — CVSS 7.2 (high): ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet…
CVE-2023-35086 — CVSS 7.2 (high): It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a…
CVE-2023-39238 — CVSS 7.2 (high): It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value…
CVE-2023-39239 — CVSS 7.2 (high): It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking…
CVE-2022-25595 — CVSS 6.5 (medium): ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending…