First published: Thu Sep 07 2023(Updated: )
ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.
Credit: twcert@cert.org.tw twcert@cert.org.tw
Affected Software | Affected Version | How to fix |
---|---|---|
Asus Rt-ac86u Firmware | =3.0.0.4_386_51529 | |
ASUS RT-AC86U |
Update to 3.0.0.4.386_51915
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-38031 is a vulnerability in ASUS RT-AC86U Adaptive QoS - Web History function that allows a remote attacker to perform command injection attacks.
The severity of CVE-2023-38031 is high with a CVSS score of 8.8.
A remote attacker with regular user privilege can exploit CVE-2023-38031 by performing a command injection attack to execute arbitrary commands, disrupt system, or terminate services.
Yes, ASUS RT-AC86U firmware version 3.0.0.4_386_51529 is affected by CVE-2023-38031.
You can find more information about CVE-2023-38031 at this link: [https://www.twcert.org.tw/tw/cp-132-7348-56989-1.html](https://www.twcert.org.tw/tw/cp-132-7348-56989-1.html)