CVE-2021-40556
First published: Thu Oct 06 2022(Updated: )
A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asus Rt-ax56u Firmware | =3.0.0.4.386.44266 | |
| ASUS RT-AX56U |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-40556?
CVE-2021-40556 is a stack overflow vulnerability in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266.
How severe is CVE-2021-40556?
CVE-2021-40556 has a severity score of 8.8 (high).
How does CVE-2021-40556 affect ASUS RT-AX56U Router?
CVE-2021-40556 affects ASUS RT-AX56U Router Version 3.0.0.4.386.44266 firmware.
How can I fix CVE-2021-40556?
To fix CVE-2021-40556, update your ASUS RT-AX56U Router firmware to the latest version provided by the manufacturer.
Where can I find more information about CVE-2021-40556?
You can find more information about CVE-2021-40556 on the ASUS website and the provided reference links.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/asus
- canonical/asus rt-ax56u firmware
- version/asus rt-ax56u firmware/3.0.0.4.386.44266
- canonical/asus rt-ax56u