← Back

Asus

asus

272 CVEs • 897 products

Products (897)

Click to collapse
Toggle
Rt Ac86u Firmware
rt-ac86u_firmware
19 CVEs
Asmb8 Ikvm Firmware
asmb8-ikvm_firmware
19 CVEs
Z10pr D16 Firmware
z10pr-d16_firmware
18 CVEs
Z10pe D16 Ws Firmware
z10pe-d16_ws_firmware
18 CVEs
Asmb9 Ikvm Firmware
asmb9-ikvm_firmware
17 CVEs
Rs720a E9 Rs24 E Firmware
rs720a-e9-rs24-e_firmware
17 CVEs
Rs700a E9 Rs4 Firmware
rs700a-e9-rs4_firmware
17 CVEs
Rs700 E9 Rs4 Firmware
rs700-e9-rs4_firmware
17 CVEs
Esc4000 G4x Firmware
esc4000_g4x_firmware
17 CVEs
Rs700 E9 Rs12 Firmware
rs700-e9-rs12_firmware
17 CVEs
Rs100 E10 Pi2 Firmware
rs100-e10-pi2_firmware
17 CVEs
Rs300 E10 Ps4 Firmware
rs300-e10-ps4_firmware
17 CVEs
Rs300 E10 Rs4 Firmware
rs300-e10-rs4_firmware
17 CVEs
Rs500a E9 Ps4 Firmware
rs500a-e9-ps4_firmware
17 CVEs
Rs500a E9 Rs4 Firmware
rs500a-e9-rs4_firmware
17 CVEs
Rs500a E9 Rs4 U Firmware
rs500a-e9_rs4_u_firmware
17 CVEs
E700 G4 Firmware
e700_g4_firmware
17 CVEs
Ws C422 Pro/se Firmware
ws_c422_pro/se_firmware
17 CVEs
Ws X299 Pro/se Firmware
ws_x299_pro/se_firmware
17 CVEs
Z11pa U12 Firmware
z11pa-u12_firmware
17 CVEs
Z11pa U12/10g 2s Firmware
z11pa-u12/10g-2s_firmware
17 CVEs
Knpa U16 Firmware
knpa-u16_firmware
17 CVEs
Esc4000 Dhd G4 Firmware
esc4000_dhd_g4_firmware
17 CVEs
Esc4000 G4 Firmware
esc4000_g4_firmware
17 CVEs
Rs720q E9 Rs24 S Firmware
rs720q-e9-rs24-s_firmware
17 CVEs
Rs720q E9 Rs8 Firmware
rs720q-e9-rs8_firmware
17 CVEs
Rs720q E9 Rs8 S Firmware
rs720q-e9-rs8-s_firmware
17 CVEs
Z11pa D8 Firmware
z11pa-d8_firmware
17 CVEs
Z11pa D8c Firmware
z11pa-d8c_firmware
17 CVEs
Rs720 E9 Rs24 U Firmware
rs720-e9-rs24-u_firmware
17 CVEs
Rs720 E9 Rs8 G Firmware
rs720-e9-rs8-g_firmware
17 CVEs
Rs500 E9 Ps4 Firmware
rs500-e9-ps4_firmware
17 CVEs
Pro E800 G4 Firmware
pro_e800_g4_firmware
17 CVEs
Rs500 E9 Rs4 Firmware
rs500-e9-rs4_firmware
17 CVEs
Rs500 E9 Rs4 U Firmware
rs500-e9-rs4-u_firmware
17 CVEs
Rs520 E9 Rs12 E Firmware
rs520-e9-rs12-e_firmware
17 CVEs
Rs520 E9 Rs8 Firmware
rs520-e9-rs8_firmware
17 CVEs
Esc8000 G4 Firmware
esc8000_g4_firmware
17 CVEs
Esc8000 G4/10g Firmware
esc8000_g4/10g_firmware
17 CVEs
Rs720 E9 Rs12 E Firmware
rs720-e9-rs12-e_firmware
17 CVEs
Ws C621e Sage Firmware
ws_c621e_sage_firmware
17 CVEs
Rs500a E10 Ps4 Firmware
rs500a-e10-ps4_firmware
17 CVEs
Rs500a E10 Rs4 Firmware
rs500a-e10-rs4_firmware
17 CVEs
Rs700a E9 Rs12v2 Firmware
rs700a-e9-rs12v2_firmware
17 CVEs
Rs700a E9 Rs4v2 Firmware
rs700a-e9-rs4v2_firmware
17 CVEs
Rs720a E9 Rs12v2 Firmware
rs720a-e9-rs12v2_firmware
17 CVEs
Rs720a E9 Rs24v2 Firmware
rs720a-e9-rs24v2_firmware
17 CVEs
Z11pr D16 Firmware
z11pr-d16_firmware
17 CVEs
Rt Ac68u Firmware
rt-ac68u_firmware
14 CVEs
Rt Ax55 Firmware
rt-ax55_firmware
14 CVEs
Rt Ax56u Firmware
rt-ax56u_firmware
12 CVEs
Rt Ac66u Firmware
rt-ac66u_firmware
11 CVEs
Rt Ax88u Firmware
rt-ax88u_firmware
11 CVEs
Asuswrt
asuswrt
10 CVEs
Rt N56u Firmware
rt-n56u_firmware
9 CVEs
Rt Ax82u Firmware
rt-ax82u_firmware
8 CVEs
Rt Ac3200 Firmware
rt-ac3200_firmware
7 CVEs
Hg100 Firmware
hg100_firmware
7 CVEs
Rt Ax3000 Firmware
rt-ax3000_firmware
7 CVEs
Rt Ax56u V2 Firmware
rt-ax56u_v2_firmware
7 CVEs
Rt Ac87u Firmware
rt-ac87u_firmware
6 CVEs
Rt Ac1750 Firmware
rt-ac1750_firmware
6 CVEs
Rt Ax86u Firmware
rt-ax86u_firmware
6 CVEs
Rt Ax58u Firmware
rt-ax58u_firmware
6 CVEs
Rt N66u Firmware
rt-n66u_firmware
5 CVEs
Rt Ac68u
rt-ac68u
5 CVEs
Dsl N14u B1 Firmware
dsl-n14u-b1_firmware
5 CVEs
Rt Ac88u Firmware
rt-ac88u_firmware
5 CVEs
Rt Ac58u Firmware
rt-ac58u_firmware
5 CVEs
Gt Ac5300 Firmware
gt-ac5300_firmware
5 CVEs
Zenfone 4 Selfie Firmware
zenfone_4_selfie_firmware
5 CVEs
Rt Ax68u Firmware
rt-ax68u_firmware
5 CVEs
Rt N56u
rt-n56u
4 CVEs
Wl 330nul Firmware
wl-330nul_firmware
4 CVEs
Rt Ac53 Firmware
rt-ac53_firmware
4 CVEs
Rt Ac2900 Firmware
rt-ac2900_firmware
4 CVEs
Rt Ac5300 Firmware
rt-ac5300_firmware
4 CVEs
Zenfone 3 Max Firmware
zenfone_3_max_firmware
4 CVEs
Rt Ac1900p Firmware
rt-ac1900p_firmware
4 CVEs
Rt Ax92u Firmware
rt-ax92u_firmware
4 CVEs
Rt N66u
rt-n66u
3 CVEs
Rt N16 Firmware
rt-n16_firmware
3 CVEs
Rt Ac56s Firmware
rt-ac56s_firmware
3 CVEs
Dsl N10s Firmware
dsl-n10s_firmware
3 CVEs
Dsl N12e C1 Firmware
dsl-n12e_c1_firmware
3 CVEs
Dsl N17u Firmware
dsl-n17u_firmware
3 CVEs
Rt Ac1900 Firmware
rt-ac1900_firmware
3 CVEs
Rt Ac3100 Firmware
rt-ac3100_firmware
3 CVEs
Rt Ac51u Firmware
rt-ac51u_firmware
3 CVEs
Rt Ac52u B1 Firmware
rt-ac52u_b1_firmware
3 CVEs
Aura Sync Firmware
aura_sync_firmware
3 CVEs
Zenfone 5q Firmware
zenfone_5q_firmware
3 CVEs
Zenfone Ar Firmware
zenfone_ar_firmware
3 CVEs
Mw100 Firmware
mw100_firmware
3 CVEs
Ws 101 Firmware
ws-101_firmware
3 CVEs
Ts 101 Firmware
ts-101_firmware
3 CVEs
As 101 Firmware
as-101_firmware
3 CVEs
Ms 101 Firmware
ms-101_firmware
3 CVEs
Dl 101 Firmware
dl-101_firmware
3 CVEs
Rt N53 Firmware
rt-n53_firmware
3 CVEs

CVEs (272)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-18537
1Asus
1Aura Sync Firmware
Nov 21, 2024
Dec 26, 2018
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.
CVE-2018-18536
1Asus
1Aura Sync Firmware
Nov 21, 2024
Dec 26, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated p...Show more
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.Show less
CVE-2018-18535
1Asus
1Aura Sync Firmware
Nov 21, 2024
Dec 26, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
CVE-2018-18291
1Asus
1Rt Ac58u Firmware
Nov 21, 2024
Oct 14, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A cross site scripting (XSS) vulnerability on ASUS RT-AC58U 3.0.0.4.380_6516 devices allows remote attackers to inject arbitrary web script or HTML via Advanced_ASUSDDNS_Content.asp, Advanced_WSecurity_Content.asp, Advan...Show more
A cross site scripting (XSS) vulnerability on ASUS RT-AC58U 3.0.0.4.380_6516 devices allows remote attackers to inject arbitrary web script or HTML via Advanced_ASUSDDNS_Content.asp, Advanced_WSecurity_Content.asp, Advanced_Wireless_Content.asp, Logout.asp, Main_Login.asp, MobileQIS_Login.asp, QIS_wizard.htma, YandexDNS.asp, ajax_status.xml, apply.cgi, clients.asp, disk.asp, disk_utility.asp, or internet.asp.Show less
CVE-2018-18287
1Asus
1Rt Ac58u Firmware
Nov 21, 2024
Oct 14, 2018
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the Main_Login.asp page.
CVE-2018-17127
1Asus
1Gt Ac5300 Firmware
Nov 21, 2024
Sep 17, 2018
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.
CVE-2018-17023
1Asus
1Gt Ac5300 Firmware
Nov 21, 2024
Sep 13, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the admini...Show more
Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.Show less
CVE-2018-17022
1Asus
1Gt Ac5300 Firmware
Nov 21, 2024
Sep 13, 2018
N/A· v4
7.2 HIGH· v3
8.0 HIGH· v2
Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0...Show more
Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.Show less
CVE-2018-17021
1Asus
1Gt Ac5300 Firmware
Nov 21, 2024
Sep 13, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability on ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allows remote attackers to inject arbitrary web script or HTML via the appGet.cgi hook parameter.
CVE-2018-17020
1Asus
1Gt Ac5300 Firmware
Nov 21, 2024
Sep 13, 2018
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow remote attackers to cause a denial of service via a single "GET / HTTP/1.1\r\n" line.
CVE-2018-0647
1Asus
1Wl 330nul Firmware
Nov 21, 2024
Sep 7, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2018-15887
1Asus
1Dsl N12e C1 Firmware
Nov 21, 2024
Aug 27, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metachar...Show more
Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request.Show less
CVE-2018-11492
1Asus
1Hg100 Firmware
Nov 21, 2024
Aug 10, 2018
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
ASUS HG100 devices allow denial of service via an IPv4 packet flood.
CVE-2018-11491
1Asus
1Hg100 Firmware
Nov 21, 2024
Jul 25, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution.
CVE-2016-6558
1Asus
7Ea N66 Firmware
Rp Ac52 FirmwareRp Ac56 Firmware+4 more
Nov 21, 2024
Jul 13, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script paramet...Show more
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed.Show less
CVE-2016-6557
1Asus
7Ea N66 Firmware
Rp Ac52 FirmwareRp Ac56 Firmware+4 more
Nov 21, 2024
Jul 13, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An atta...Show more
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.Show less
CVE-2018-0583
1Asus
1Rt Ac1200hp Firmware
Nov 21, 2024
May 14, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0582
1Asus
1Rt Ac68u Firmware
Nov 21, 2024
May 14, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0581
1Asus
1Rt Ac87u Firmware
Nov 21, 2024
May 14, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-8826
1Asus
13Rt Ac1200 Firmware
Rt Ac1750 FirmwareRt Ac2900 Firmware+10 more
Nov 21, 2024
Apr 20, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC5...Show more
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.Show less