Asus Rt-ax56u Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Asus Rt-ax56u Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2021-41435 — CVSS 9.8 (critical): A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U…
CVE-2022-26376 — CVSS 9.8 (critical): A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New…
CVE-2021-43702 — CVSS 9.0 (critical): ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs…
CVE-2022-23972 — CVSS 8.8 (high): ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated…
CVE-2022-23973 — CVSS 8.8 (high): ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for…
CVE-2021-40556 — CVSS 8.8 (high): A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused…
CVE-2022-23970 — CVSS 8.1 (high): ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL…
CVE-2022-23971 — CVSS 8.1 (high): ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL…
CVE-2021-44158 — CVSS 8.0 (high): ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An…
CVE-2021-3128 — CVSS 7.5 (high): In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6…
CVE-2021-41436 — CVSS 7.5 (high): An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U…
CVE-2022-22054 — CVSS 6.5 (medium): ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL…