cbcvebase.
CVE-2024-1655
published 2024-04-15

CVE-2024-1655: Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by…

PriorityP265high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
2.02%
78.6th percentile
Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by sending a specially crafted request.

Affected

3 ranges
VendorProductVersion rangeFixed in
asusexpertwifi_ebm63>= earlier < 3.0.0.6.102_326453.0.0.6.102_32645
asusexpertwifi_ebm68>= earlier < 3.0.0.6.102_443843.0.0.6.102_44384
asusrt-ax57_go>= earlier < 3.0.0.6.102_221883.0.0.6.102_22188
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.