CVE-2022-23973: ASUS RT-AX56U - Stack overflew
First published: Thu Apr 07 2022(Updated: )
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asus Rt-ax56u Firmware | =3.0.0.4.386.45898 | |
| ASUS RT-AX56U |
Remedy
Update ASUS RT-AX56U firmware version to 3.0.0.4.386.45934
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-23973.
What is the severity of CVE-2022-23973?
The severity of CVE-2022-23973 is high with a severity value of 8.8.
How does CVE-2022-23973 affect ASUS RT-AX56U?
CVE-2022-23973 affects the user profile configuration function of ASUS RT-AX56U firmware version 3.0.0.4.386.45898.
What is the impact of CVE-2022-23973?
The vulnerability allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations, or disrupt service.
Is ASUS RT-AX56U vulnerable to CVE-2022-23973?
Yes, ASUS RT-AX56U firmware version 3.0.0.4.386.45898 is vulnerable to CVE-2022-23973.
How can the vulnerability CVE-2022-23973 be fixed?
To fix CVE-2022-23973, it is recommended to update ASUS RT-AX56U firmware to a version that includes the necessary security patches.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/asus
- canonical/asus rt-ax56u firmware
- version/asus rt-ax56u firmware/3.0.0.4.386.45898
- canonical/asus rt-ax56u