ASUS Control Center is a new centralized IT management software from ASUS (China). ASUS Control Center v1.4.2.5 is vulnerable to SQL injection. An attacker could use this vulnerability to inject SQL commands into specific API parameters to obtain database schema or access data.