CVE-2022-25596
published 2022-04-07CVE-2022-25596: ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which…
high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asus | rt-ac86u | — | — |
| asus | rt-ac86u_firmware | — | — |