Description
ASUS routers that support custom OpenVPN profiles are vulnerable to code execution. A remote, authenticated attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS RT-AC67U, ASUS RT-AC68R, ASUS RT-AC68U, ASUS RT-AX86, ASUS RT-AC86U, ASUS RT-AX88U, and ASUS RT-AX3000.
CVSS breakdown
CVSS 3.1
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- Scope: Unchanged
- Confidentiality: High
- Integrity: High
- Availability: High
Affected products
- ASUS / ExpertWiFi: 0 – 3.0.0.6.102_44544
- ASUS / RT-AC67U: 0 – 3.0.0.4.386_51685
- ASUS / RT-AC68R: 0 – 3.0.0.4.386_51685
- ASUS / RT-AC68U: 0 – 3.0.0.4.386_51685
- ASUS / RT-AC86U: 0 – 3.0.0.4.386_51925
- ASUS / RT-AX3000: 0 – 3.0.0.4.388_24762
- ASUS / RT-AX55: 0 – 3.0.0.4.386_52303
- ASUS / RT-AX58U: 0 – 3.0.0.4.388_24762
- ASUS / RT-AX86 Series: 0 – 3.0.0.4.388_24243
- ASUS / RT-AX88U: 0 – 3.0.0.4.388_24209
References
- VENDOR_ADVISORY: https://vulncheck.com/advisories/asus-ovpn-rce