CVE-2021-43702
published 2022-07-05CVE-2021-43702: ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an…
critical9CVSS 3.1
AVNACLPRLUIRSCCHIHAH
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
Affected
93 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asus | 4g-ac53u_firmware | — | — |
| asus | 4g-ac68u_firmware | — | — |
| asus | rog_rapture_gt-ac2900_firmware | — | — |
| asus | rog_rapture_gt-ac5300_firmware | — | — |
| asus | rog_rapture_gt-ax11000_firmware | — | — |
| asus | rt-ac1200_firmware | — | — |
| asus | rt-ac1200e_firmware | — | — |
| asus | rt-ac1200g_+_firmware | — | — |
| asus | rt-ac1200g_firmware | — | — |
| asus | rt-ac1200gu_firmware | — | — |
| asus | rt-ac1200hp_firmware | — | — |
| asus | rt-ac1300g_+_firmware | — | — |
| asus | rt-ac1300uhp_firmware | — | — |
| asus | rt-ac1750_b1_firmware | — | — |
| asus | rt-ac1750_firmware | — | — |
| asus | rt-ac1900_firmware | — | — |
| asus | rt-ac1900p_firmware | — | — |
| asus | rt-ac1900u_firmware | — | — |
| asus | rt-ac2200_firmware | — | — |
| asus | rt-ac2400_firmware | — | — |
| asus | rt-ac2600_firmware | — | — |
| asus | rt-ac2900_firmware | — | — |
| asus | rt-ac3100_firmware | — | — |
| asus | rt-ac3200_firmware | — | — |
| asus | rt-ac51u_+_firmware | — | — |