CVE-2023-41345: ASUS RT-AX55 - command injection - 1
First published: Fri Nov 03 2023(Updated: )
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system, or terminate services.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Asus Rt-ax55 Firmware | =3.0.0.4.386.51598 | |
| ASUS RT-AX55 |
Remedy
Update version to 3.0.0.4.386_51948 .
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-41345.
What is the severity rating of CVE-2023-41345?
The severity rating of CVE-2023-41345 is 8.8 (high).
What is the affected software for CVE-2023-41345?
The affected software for CVE-2023-41345 is ASUS RT-AX55 firmware version 3.0.0.4.386.51598.
How does the vulnerability CVE-2023-41345 affect the system?
The vulnerability CVE-2023-41345 allows an authenticated remote attacker to perform a Command Injection attack and execute arbitrary commands, potentially disrupting the system.
Is the ASUS RT-AX55 device vulnerable to CVE-2023-41345?
No, the ASUS RT-AX55 device is not vulnerable to CVE-2023-41345.
- collector/nvd-api
- agent/title
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/asus
- canonical/asus rt-ax55 firmware
- version/asus rt-ax55 firmware/3.0.0.4.386.51598
- canonical/asus rt-ax55