CVE-2023-41348

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 3, 2023

Updated: Nov 13, 2023

CWE ID 78

Summary

CVE-2023-41348 refers to a vulnerability in ASUS RT-AX55's authentication function. This issue stems from insufficient filtering of special characters within the code-authentication module. An authenticated attacker can exploit this weakness to execute Command Injections, potentially causing system disruption or service termination. The attacker's objective is to inject malicious commands, leading to unintended consequences. The vulnerability creates a serious risk, especially for those with authorized access to the system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ASUS

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sfVD-6
https://www.cve.org/CVERecord?id=CVE-2023-41348
https://nvd.nist.gov/vuln/detail/CVE-2023-41348

Back to Vulnerability Database

CVE-2023-41348

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations