CVE-2024-11985 — Improper Input Validation in Rt-ax55

CWE-20 — Improper Input Validation3 documents3 sources

Severity

4.4MEDIUMNVD

EPSS

0.1%

top 67.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Asus Rt-ax55 Asus Rt-ax55 V2 Asus Rt-ax56u +4 more

Timeline

PublishedDec 4

Description

An improper input validation vulnerability leads to device crashes in certain ASUS router models. Refer to the '12/03/2024 ASUS Router Improper Input Validation' section on the ASUS Security Advisory for more information.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.7 | Impact: 3.6

Affected Packages7 packages

▶CVEListV5asus/rt-ax55before 3.0.0.4.386_52332

▶CVEListV5asus/rt-ax57before 3.0.0.4.386_52332

▶CVEListV5asus/rt-ax56ubefore 3.0.0.4.386_51712

▶CVEListV5asus/rt-ax58ubefore 3.0.0.4_388_25127

▶CVEListV5asus/rt-ax55_v2before 3.0.0.4.386_52332

🔴Vulnerability Details

GHSA

GHSA-vm9h-gqwm-9wf2: An improper input validation vulnerability leads to device crashes in certain ASUS router models↗2024-12-04

▶

CVEList

CVE-2024-11985: An improper input validation vulnerability leads to device crashes in certain ASUS router models↗2024-12-04

▶