CVE-2022-26376
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7. A specially crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
Affected (19)
Products: Asus: Asuswrt, Xt8 Firmware, Tuf Ax3000 V2 Firmware, Xd4 Firmware, Et12 Firmware, Gt Ax6000 Firmware, Xt12 Firmware, Rt Ax58u Firmware, Xt9 Firmware, Xd6 Firmware, Gt Ax11000 Pro Firmware, Gt Axe16000 Firmware, Rt Ax86u Firmware, Rt Ax68u Firmware, Rt Ax82u Firmware, Rt Ax56u Firmware, Rt Ax55 Firmware, Gt Ax11000 Firmware · Asuswrt Merlin: New Gen
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 386.7 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48706 |

| Running on/with | Platform Versions |
|---|---|
| Asus Xt8 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48750 |

| Running on/with | Platform Versions |
|---|---|
| Asus Tuf Ax3000 V2 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48790 |

| Running on/with | Platform Versions |
|---|---|
| Asus Xd4 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48823 |

| Running on/with | Platform Versions |
|---|---|
| Asus Et12 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48823 |

| Running on/with | Platform Versions |
|---|---|
| Asus Gt Ax6000 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48823 |

| Running on/with | Platform Versions |
|---|---|
| Asus Xt12 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48908 |

| Running on/with | Platform Versions |
|---|---|
| Asus Rt Ax58u | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.388_20027 |

| Running on/with | Platform Versions |
|---|---|
| Asus Xt9 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49356 |

| Running on/with | Platform Versions |
|---|---|
| Asus Xd6 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48996 |

| Running on/with | Platform Versions |
|---|---|
| Asus Gt Ax11000 Pro | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_48786 |

| Running on/with | Platform Versions |
|---|---|
| Asus Gt Axe16000 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49447 |

| Running on/with | Platform Versions |
|---|---|
| Asus Rt Ax86u | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49479 |

| Running on/with | Platform Versions |
|---|---|
| Asus Rt Ax68u | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49380 |

| Running on/with | Platform Versions |
|---|---|
| Asus Rt Ax82u | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49559 |

| Running on/with | Platform Versions |
|---|---|
| Asus Rt Ax56u | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49559 |

| Running on/with | Platform Versions |
|---|---|
| Asus Rt Ax55 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| | Before 3.0.0.4.386_49559 |

| Running on/with | Platform Versions |
|---|---|
| Asus Gt Ax11000 | All versions |
References (2)
Source: talos-cna@cisco.com
Exploit, Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit, Third Party Advisory
Timeline
No history available yet.