Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-41437: easy-exploits/Web/ASUS/CVE-2021-41437 at main · efchatz/easy-exploits

An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker.

CVE
Open in Source
#vulnerability#web#ios#bios#asus#auth#wifi

Vulnerability type

HTTP Response splitting (CVE-2021-41437)

Vendor

ASUS

Affected product

RT-AX88U

Attack type

Remote

Affected components

The AiCloud component of the current web app is vulnerable to an HTTP response splitting attack.

Attack vector

An attacker can craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker.

Patch

Fixed from firmware v3.0.0.4.388.20558 (https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-Gaming-Routers/RT-AX88U/HelpDesk_BIOS/)

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE