← Back

CVE-2021-37910

nvd nist
Published: Nov 12, 2021Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.

Affected (5)

Asus
5 products
Gt Axe11000 Firmware
Rt Ax3000 Firmware
Rt Ax55 Firmware
Rt Ax58u Firmware
Tuf Ax3000 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Gt Axe11000 Firmware
Before 3.0.0.4.386.45898
Running on/withPlatform Versions
Asus
Gt Axe11000
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rt Ax3000 Firmware
Before 3.0.0.4.386.45898
Running on/withPlatform Versions
Asus
Rt Ax3000
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rt Ax55 Firmware
Before 3.0.0.4.386.45898
Running on/withPlatform Versions
Asus
Rt Ax55
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rt Ax58u Firmware
Before 3.0.0.4.386.45898
Running on/withPlatform Versions
Asus
Rt Ax58u
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tuf Ax3000 Firmware
Before 3.0.0.4.386.45898
Running on/withPlatform Versions
Asus
Tuf Ax3000
All versions

Related CWEs

CWE-799
Improper Control of Interaction Frequency
The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.

References (2)

Source: twcert@cert.org.tw
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.