Cross site scripting

2022-07-0512:15:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.1%

JSON

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.

CPENameOperatorVersion
4g-ac53u_firmwareeq3.0.0.4.386.46061
4g-ac68u_firmwareeq3.0.0.4.386.46061
rog_rapture_gt-ac2900_firmwareeq3.0.0.4.386.46061
rog_rapture_gt-ac5300_firmwareeq3.0.0.4.386.46061
rog_rapture_gt-ax11000_firmwareeq3.0.0.4.386.46061
rt-ac1200_firmwareeq3.0.0.4.386.46061
rt-ac1200e_firmwareeq3.0.0.4.386.46061
rt-ac1200g\\+_firmwareeq3.0.0.4.386.46061
rt-ac1200g_firmwareeq3.0.0.4.386.46061
rt-ac1200gu_firmwareeq3.0.0.4.386.46061

Name	Operator	Version
4g-ac53u_firmware	eq	3.0.0.4.386.46061
4g-ac68u_firmware	eq	3.0.0.4.386.46061
rog_rapture_gt-ac2900_firmware	eq	3.0.0.4.386.46061
rog_rapture_gt-ac5300_firmware	eq	3.0.0.4.386.46061
rog_rapture_gt-ax11000_firmware	eq	3.0.0.4.386.46061
rt-ac1200_firmware	eq	3.0.0.4.386.46061
rt-ac1200e_firmware	eq	3.0.0.4.386.46061
rt-ac1200g\\+_firmware	eq	3.0.0.4.386.46061
rt-ac1200g_firmware	eq	3.0.0.4.386.46061
rt-ac1200gu_firmware	eq	3.0.0.4.386.46061