Multiple vulnerabilities in ASUS Routers
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2023-38031 CVE-2023-38032 CVE-2023-38033 CVE-2023-39236 CVE-2023-39237 CVE-2023-39238 CVE-2023-39239 CVE-2023-39240 |
| CWE-ID | CWE-77 CWE-134 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
RT-AC86U Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX55 Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX56U_V2 Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Asus |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Command Injection
EUVDB-ID: #VU80475
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38031
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the web browsing history function. A remote user can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7348-56989-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command Injection
EUVDB-ID: #VU80477
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38032
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the security-related function of AiProtection. A remote user can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7349-7f8cd-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Command Injection
EUVDB-ID: #VU80478
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38033
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the wanStat_detail function. A remote user can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7350-ded5e-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Command Injection
EUVDB-ID: #VU80479
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39236
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the statistical value function. A remote user can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7351-ec8fe-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Command Injection
EUVDB-ID: #VU80480
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39237
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the application analysis function. A remote user can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7352-bad68-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Format string error
EUVDB-ID: #VU80482
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39238
CWE-ID:
CWE-134 - Use of Externally-Controlled Format String
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a format string error in the iperf-related modules set_iperf3_svr.cgi API. A remote attacker can supply a specially crafted input that contains format string specifiers and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AX55: 3.0.0.4.386_50460
RT-AX56U_V2: 3.0.0.4.386_50460
RT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7354-4e654-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Format string error
EUVDB-ID: #VU80483
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39239
CWE-ID:
CWE-134 - Use of Externally-Controlled Format String
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a format string error in the API of the general setting function. A remote attacker can supply a specially crafted input that contains format string specifiers and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AX55: 3.0.0.4.386_50460
RT-AX56U_V2: 3.0.0.4.386_50460
RT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7355-0ce8d-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Format string error
EUVDB-ID: #VU80484
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39240
CWE-ID:
CWE-134 - Use of Externally-Controlled Format String
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a format string error in the iperf-related modules set_iperf3_cli.cgi API. A remote attacker can supply a specially crafted input that contains format string specifiers and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRT-AX55: 3.0.0.4.386_50460
RT-AX56U_V2: 3.0.0.4.386_50460
RT-AC86U: 3.0.0.4_386_51529
External linkshttp://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230906
http://www.twcert.org.tw/tw/cp-132-7356-021bf-1.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
