Lucene search

TwcertCVELIST:CVE-2021-44158

HistoryJan 03, 2022 - 12:00 a.m.

CVE-2021-44158 ASUS RT-AX56U Router - Stack-based buffer overflow

2022-01-0300:00:00

CWE-121

twcert

www.cve.org

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service.

CNA Affected

[
  {
    "product": "RT-AX56U",
    "vendor": "ASUS",
    "versions": [
      {
        "status": "affected",
        "version": "3.0.0.4.386.44266"
      }
    ]
  }
]

References

www.twcert.org.tw/tw/cp-132-5431-d23be-1.html

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-44158