CVE-2021-3128

Published: Apr 12, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Affected (54)

Products: Asus: Zenwifi Ax (xt8) Firmware, Rt Ax3000 Firmware, Rt Ax55 Firmware, Rt Ax56u Firmware, Rt Ax58u Firmware, Rt Ax68u Firmware, Rt Ax82u Firmware, Rt Ax86u Firmware, Rt Ax88u Firmware, Rt Ac66u B1 Firmware, Rt Ac1750 B1 Firmware, Rt Ac1900 Firmware, Rt Ac1900p Firmware, Rt Ac1900u Firmware, Rt Ac2900 Firmware, Rt Ac3100 Firmware, Rt Ac5300 Firmware, Rt Ac58u Firmware, Rt Ac65u Firmware, Rt Ac68p Firmware, Rt Ac68r Firmware, Rt Ac68rw Firmware, Rt Ac68u Firmware, Rt Ac68w Firmware, Rt Ac85u Firmware, Rt Ac86u Firmware, Rt Ac88u Firmware

Asus

27 products

Zenwifi Ax (xt8) Firmware

Rt Ac1750 B1 Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Asus Zenwifi Ax (xt8) Firmware	Before 3.0.0.4.386.42095

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Zenwifi Ax (xt8) Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Zenwifi Ax (xt8)	All versions

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax3000 Firmware	Before 3.0.0.4.386.42095

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax3000 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax3000	All versions

Configuration E

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax55 Firmware	Before 3.0.0.4.386.42095

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax55 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax55	All versions

Configuration G

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax56u Firmware	Before 3.0.0.4.386.42095

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax56u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax56u	All versions

Configuration I

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax58u Firmware	Before 3.0.0.4.386.42095

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax58u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax58u	All versions

Configuration K

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax68u Firmware	Before 3.0.0.4.386.42095

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax68u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax68u	All versions

Configuration M

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax82u Firmware	Before 3.0.0.4.386.42095

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax82u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax82u	All versions

Configuration O

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax86u Firmware	Before 3.0.0.4.386.42095

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax86u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax86u	All versions

Configuration Q

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ax88u Firmware	Before 3.0.0.4.386.42095

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ax88u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ax88u	All versions

Configuration S

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac66u B1 Firmware	Before 3.0.0.4.386.42095

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac66u B1 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac66u B1	All versions

Configuration U

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac1750 B1 Firmware	Before 3.0.0.4.386.42095

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac1750 B1 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac1750 B1	All versions

Configuration W

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac1900 Firmware	Before 3.0.0.4.386.42095

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac1900 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac1900	All versions

Configuration Y

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac1900p Firmware	Before 3.0.0.4.386.42095

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac1900p Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac1900p	All versions

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac1900u Firmware	Before 3.0.0.4.386.42095

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac1900u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac1900u	All versions

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac2900 Firmware	Before 3.0.0.4.386.42095

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac2900 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac2900	All versions

Configuration E

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac3100 Firmware	Before 3.0.0.4.386.42095

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac3100 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac3100	All versions

Configuration G

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac5300 Firmware	Before 3.0.0.4.386.42095

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac5300 Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac5300	All versions

Configuration I

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac58u Firmware	Before 3.0.0.4.386.42095

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac58u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac58u	All versions

Configuration K

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac65u Firmware	Before 3.0.0.4.386.42095

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac65u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac65u	All versions

Configuration M

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac68p Firmware	Before 3.0.0.4.386.42095

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac68p Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac68p	All versions

Configuration O

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac68r Firmware	Before 3.0.0.4.386.42095

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac68r Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac68r	All versions

Configuration Q

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac68rw Firmware	Before 3.0.0.4.386.42095

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac68rw Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac68rw	All versions

Configuration S

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac68u Firmware	Before 3.0.0.4.386.42095

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac68u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac68u	All versions

Configuration U

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac68w Firmware	Before 3.0.0.4.386.42095

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac68w Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac68w	All versions

Configuration W

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac85u Firmware	Before 3.0.0.4.386.42095

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac85u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac85u	All versions

Configuration Y

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac86u Firmware	Before 3.0.0.4.386.42095

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac86u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac86u	All versions

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Asus Rt Ac88u Firmware	Before 3.0.0.4.386.42095

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Asus Rt Ac88u Firmware	Before 9.0.0.4.386.41994

Running on/with	Platform Versions
Asus Rt Ac88u	All versions

Related CWEs

CWE-834

Excessive Iteration

The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

References (54)

https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX3000/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX55/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX56U/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX58U/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX68U/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX82U/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX86U/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-6/All-series/RT-AX88U/HelpDesk_BIOS/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC66U-B1/HelpDesk_Download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC1750_B1/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC1900/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC1900P/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC1900U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC2900/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC3100/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC5300/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC58U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC65U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC68P/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC68R/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC68RW/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC68U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC68W/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC85U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC86U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/supportonly/RT-AC88U/HelpDesk_download/

Source: cve@mitre.org

ProductVendor Advisory

https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/