CVE-2022-26673
published 2022-04-22CVE-2022-26673: ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. A remote attacker with general user privilege can exploit this…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform Stored Cross-Site Scripting (XSS) attacks.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asus | rt-ax88u | >= unspecified < 3.0.0.4.386.4606 | 3.0.0.4.386.4606 |
| asus | rt-ax88u_firmware | < 3.0.0.4.386.46065 | 3.0.0.4.386.46065 |