CVE-2021-44158

HIGH8.0Memory safety

Description

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

ASUS / RT-AX56U3.0.0.4.386.44266 – 3.0.0.4.386.44266

References

MISChttps://www.twcert.org.tw/tw/cp-132-5431-d23be-1.html