← Back

Asus

asus

272 CVEs • 897 products

Products (897)

Click to collapse
Toggle
Rt Ac86u Firmware
rt-ac86u_firmware
19 CVEs
Asmb8 Ikvm Firmware
asmb8-ikvm_firmware
19 CVEs
Z10pr D16 Firmware
z10pr-d16_firmware
18 CVEs
Z10pe D16 Ws Firmware
z10pe-d16_ws_firmware
18 CVEs
Asmb9 Ikvm Firmware
asmb9-ikvm_firmware
17 CVEs
Rs720a E9 Rs24 E Firmware
rs720a-e9-rs24-e_firmware
17 CVEs
Rs700a E9 Rs4 Firmware
rs700a-e9-rs4_firmware
17 CVEs
Rs700 E9 Rs4 Firmware
rs700-e9-rs4_firmware
17 CVEs
Esc4000 G4x Firmware
esc4000_g4x_firmware
17 CVEs
Rs700 E9 Rs12 Firmware
rs700-e9-rs12_firmware
17 CVEs
Rs100 E10 Pi2 Firmware
rs100-e10-pi2_firmware
17 CVEs
Rs300 E10 Ps4 Firmware
rs300-e10-ps4_firmware
17 CVEs
Rs300 E10 Rs4 Firmware
rs300-e10-rs4_firmware
17 CVEs
Rs500a E9 Ps4 Firmware
rs500a-e9-ps4_firmware
17 CVEs
Rs500a E9 Rs4 Firmware
rs500a-e9-rs4_firmware
17 CVEs
Rs500a E9 Rs4 U Firmware
rs500a-e9_rs4_u_firmware
17 CVEs
E700 G4 Firmware
e700_g4_firmware
17 CVEs
Ws C422 Pro/se Firmware
ws_c422_pro/se_firmware
17 CVEs
Ws X299 Pro/se Firmware
ws_x299_pro/se_firmware
17 CVEs
Z11pa U12 Firmware
z11pa-u12_firmware
17 CVEs
Z11pa U12/10g 2s Firmware
z11pa-u12/10g-2s_firmware
17 CVEs
Knpa U16 Firmware
knpa-u16_firmware
17 CVEs
Esc4000 Dhd G4 Firmware
esc4000_dhd_g4_firmware
17 CVEs
Esc4000 G4 Firmware
esc4000_g4_firmware
17 CVEs
Rs720q E9 Rs24 S Firmware
rs720q-e9-rs24-s_firmware
17 CVEs
Rs720q E9 Rs8 Firmware
rs720q-e9-rs8_firmware
17 CVEs
Rs720q E9 Rs8 S Firmware
rs720q-e9-rs8-s_firmware
17 CVEs
Z11pa D8 Firmware
z11pa-d8_firmware
17 CVEs
Z11pa D8c Firmware
z11pa-d8c_firmware
17 CVEs
Rs720 E9 Rs24 U Firmware
rs720-e9-rs24-u_firmware
17 CVEs
Rs720 E9 Rs8 G Firmware
rs720-e9-rs8-g_firmware
17 CVEs
Rs500 E9 Ps4 Firmware
rs500-e9-ps4_firmware
17 CVEs
Pro E800 G4 Firmware
pro_e800_g4_firmware
17 CVEs
Rs500 E9 Rs4 Firmware
rs500-e9-rs4_firmware
17 CVEs
Rs500 E9 Rs4 U Firmware
rs500-e9-rs4-u_firmware
17 CVEs
Rs520 E9 Rs12 E Firmware
rs520-e9-rs12-e_firmware
17 CVEs
Rs520 E9 Rs8 Firmware
rs520-e9-rs8_firmware
17 CVEs
Esc8000 G4 Firmware
esc8000_g4_firmware
17 CVEs
Esc8000 G4/10g Firmware
esc8000_g4/10g_firmware
17 CVEs
Rs720 E9 Rs12 E Firmware
rs720-e9-rs12-e_firmware
17 CVEs
Ws C621e Sage Firmware
ws_c621e_sage_firmware
17 CVEs
Rs500a E10 Ps4 Firmware
rs500a-e10-ps4_firmware
17 CVEs
Rs500a E10 Rs4 Firmware
rs500a-e10-rs4_firmware
17 CVEs
Rs700a E9 Rs12v2 Firmware
rs700a-e9-rs12v2_firmware
17 CVEs
Rs700a E9 Rs4v2 Firmware
rs700a-e9-rs4v2_firmware
17 CVEs
Rs720a E9 Rs12v2 Firmware
rs720a-e9-rs12v2_firmware
17 CVEs
Rs720a E9 Rs24v2 Firmware
rs720a-e9-rs24v2_firmware
17 CVEs
Z11pr D16 Firmware
z11pr-d16_firmware
17 CVEs
Rt Ac68u Firmware
rt-ac68u_firmware
14 CVEs
Rt Ax55 Firmware
rt-ax55_firmware
14 CVEs
Rt Ax56u Firmware
rt-ax56u_firmware
12 CVEs
Rt Ac66u Firmware
rt-ac66u_firmware
11 CVEs
Rt Ax88u Firmware
rt-ax88u_firmware
11 CVEs
Asuswrt
asuswrt
10 CVEs
Rt N56u Firmware
rt-n56u_firmware
9 CVEs
Rt Ax82u Firmware
rt-ax82u_firmware
8 CVEs
Rt Ac3200 Firmware
rt-ac3200_firmware
7 CVEs
Hg100 Firmware
hg100_firmware
7 CVEs
Rt Ax3000 Firmware
rt-ax3000_firmware
7 CVEs
Rt Ax56u V2 Firmware
rt-ax56u_v2_firmware
7 CVEs
Rt Ac87u Firmware
rt-ac87u_firmware
6 CVEs
Rt Ac1750 Firmware
rt-ac1750_firmware
6 CVEs
Rt Ax86u Firmware
rt-ax86u_firmware
6 CVEs
Rt Ax58u Firmware
rt-ax58u_firmware
6 CVEs
Rt N66u Firmware
rt-n66u_firmware
5 CVEs
Rt Ac68u
rt-ac68u
5 CVEs
Dsl N14u B1 Firmware
dsl-n14u-b1_firmware
5 CVEs
Rt Ac88u Firmware
rt-ac88u_firmware
5 CVEs
Rt Ac58u Firmware
rt-ac58u_firmware
5 CVEs
Gt Ac5300 Firmware
gt-ac5300_firmware
5 CVEs
Zenfone 4 Selfie Firmware
zenfone_4_selfie_firmware
5 CVEs
Rt Ax68u Firmware
rt-ax68u_firmware
5 CVEs
Rt N56u
rt-n56u
4 CVEs
Wl 330nul Firmware
wl-330nul_firmware
4 CVEs
Rt Ac53 Firmware
rt-ac53_firmware
4 CVEs
Rt Ac2900 Firmware
rt-ac2900_firmware
4 CVEs
Rt Ac5300 Firmware
rt-ac5300_firmware
4 CVEs
Zenfone 3 Max Firmware
zenfone_3_max_firmware
4 CVEs
Rt Ac1900p Firmware
rt-ac1900p_firmware
4 CVEs
Rt Ax92u Firmware
rt-ax92u_firmware
4 CVEs
Rt N66u
rt-n66u
3 CVEs
Rt N16 Firmware
rt-n16_firmware
3 CVEs
Rt Ac56s Firmware
rt-ac56s_firmware
3 CVEs
Dsl N10s Firmware
dsl-n10s_firmware
3 CVEs
Dsl N12e C1 Firmware
dsl-n12e_c1_firmware
3 CVEs
Dsl N17u Firmware
dsl-n17u_firmware
3 CVEs
Rt Ac1900 Firmware
rt-ac1900_firmware
3 CVEs
Rt Ac3100 Firmware
rt-ac3100_firmware
3 CVEs
Rt Ac51u Firmware
rt-ac51u_firmware
3 CVEs
Rt Ac52u B1 Firmware
rt-ac52u_b1_firmware
3 CVEs
Aura Sync Firmware
aura_sync_firmware
3 CVEs
Zenfone 5q Firmware
zenfone_5q_firmware
3 CVEs
Zenfone Ar Firmware
zenfone_ar_firmware
3 CVEs
Mw100 Firmware
mw100_firmware
3 CVEs
Ws 101 Firmware
ws-101_firmware
3 CVEs
Ts 101 Firmware
ts-101_firmware
3 CVEs
As 101 Firmware
as-101_firmware
3 CVEs
Ms 101 Firmware
ms-101_firmware
3 CVEs
Dl 101 Firmware
dl-101_firmware
3 CVEs
Rt N53 Firmware
rt-n53_firmware
3 CVEs

CVEs (272)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-9285
1Asus
11Rt Ac1900 Firmware
Rt Ac2900 FirmwareRt Ac3100 Firmware+8 more
Nov 21, 2024
Apr 4, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC32...Show more
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.Show less
CVE-2017-12590
1Asus
1Rt N14uhp Firmware
Nov 21, 2024
Mar 16, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vulnerability in the "flag" parameter.
CVE-2017-15656
1Asus
1Asuswrt
Nov 21, 2024
Jan 31, 2018
N/A· v4
8.8 HIGH· v3
4.0 MEDIUM· v2
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt.
CVE-2017-15655
1Asus
1Asuswrt
Nov 21, 2024
Jan 31, 2018
N/A· v4
9.6 CRITICAL· v3
9.3 HIGH· v2
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-lif...Show more
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages.Show less
CVE-2017-15654
1Asus
1Asuswrt
Nov 21, 2024
Jan 31, 2018
N/A· v4
8.3 HIGH· v3
7.6 HIGH· v2
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access.
CVE-2017-15653
1Asus
1Asuswrt
Nov 21, 2024
Jan 31, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token...Show more
Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string.Show less
CVE-2017-14699
1Asus
16Dsl Ac51 Firmware
Dsl Ac52u FirmwareDsl Ac55u Firmware+13 more
Nov 21, 2024
Jan 29, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16,...Show more
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote authenticated users to read arbitrary files via a crafted DTD in (1) an UPDATEACCOUNT or (2) a PROPFIND request.Show less
CVE-2017-14698
1Asus
16Dsl Ac51 Firmware
Dsl Ac52u FirmwareDsl Ac55u Firmware+13 more
Nov 21, 2024
Jan 29, 2018
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers t...Show more
ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp.Show less
CVE-2018-6000
1Asus
1Asuswrt
Nov 21, 2024
Jan 22, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to...Show more
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.Show less
CVE-2018-5999
1Asus
1Asuswrt
Nov 21, 2024
Jan 22, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.
CVE-2017-5712
3Asus
IntelSiemens
198Active Management Technology Firmware
B150 A FirmwareB150 Plus Firmware+195 more
May 13, 2026
Nov 21, 2017
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code w...Show more
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.Show less
CVE-2017-5711
3Asus
IntelSiemens
198Active Management Technology Firmware
B150 A FirmwareB150 Plus Firmware+195 more
May 13, 2026
Nov 21, 2017
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code...Show more
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.Show less
CVE-2017-12593
1Asus
1Dsl N10s Firmware
May 13, 2026
Aug 18, 2017
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.
CVE-2017-12592
1Asus
1Dsl N10s Firmware
May 13, 2026
Aug 18, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their privileges.
CVE-2017-12591
1Asus
1Dsl N10s Firmware
May 13, 2026
Aug 18, 2017
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter.
CVE-2017-8878
1Asus
1Rt Ac1750 Firmware
May 13, 2026
May 10, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow remote authenticated users to discover the Wi-Fi password via WPS_info.xml.
CVE-2017-8877
1Asus
1Rt Ac1750 Firmware
May 13, 2026
May 10, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.
CVE-2017-5892
1Asus
1Rt Ac1750 Firmware
May 13, 2026
May 10, 2017
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.
CVE-2017-5891
1Asus
1Rt Ac1750 Firmware
May 13, 2026
May 10, 2017
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.
CVE-2013-4659
2Asus
Trendnet
2Rt Ac66u Firmware
Tew 812dru Firmware
May 13, 2026
Mar 14, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU...Show more
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long string to TCP port 5916. This component is used on routers of multiple vendors including ASUS RT-AC66U and TRENDnet TEW-812DRU.Show less