Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=brightgreen)
On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. NOTE: for the similar "token-generated module" issue, see CVE-2023-41345; for the similar "token-refresh module" issue, see CVE-2023-41346; for the similar "check token module" issue, see CVE-2023-41347; and for the similar "code-authentication module" issue, see CVE-2023-41348.
- https://www.greynoise.io/blog/stealthy-backdoor-campaign-affecting-asus-routers
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/attilaszia/linux-iot-cves
- https://github.com/packetinside/CISA_BOT
- https://github.com/ums91/CISA_BOT