CVE-2023-34358
published 2023-07-31CVE-2023-34358: ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asus | rt-ax88u | – 3.0.0.4.388_22525-gd35b8fe | — |
| asus | rt-ax88u_firmware | < 3.0.0.4.388.23748 | 3.0.0.4.388.23748 |