#VU71218 Use of a Key Past its Expiration Date in Asus products - CVE-2022-35401

Vulnerability identifier: #VU71218

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2022-35401

CWE-ID: CWE-324

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
RT-AX82U
GT6
GT-AXE16000
GT-AXE11000 PRO
GT-AXE11000
GT-AX6000
GT-AX11000
GS-AX5400
GS-AX3000
ZenWiFi XT9
ZenWiFi XT8
ZenWiFi XT8_V2
RT-AX86U PRO
RT-AX86U
RT-AX86S
RT-AX58U
RT-AX3000
TUF-AX6000
TUF-AX5400

Software vendor:
Asus

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to authentication bypass issue in the get_IFTTTTtoken.cgi functionality. A remote attacker can send specially crafted HTTP requests and gain full administrative access to the device.

Install updates from vendor's website.

• https://talosintelligence.com/vulnerability_reports/TALOS-2022-1586
• https://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230620
• https://www.asus.com/content/asus-product-security-advisory/#06/19/2023