CVE-2025-59369

CWE-89SQL Injection3 documents3 sources
Severity
5.9MEDIUM
EPSS
0.2%
top 59.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Asus Router
Timeline
PublishedNov 25

Description

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary SQL queries, leading to unauthorized data access. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5asus/router3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102+2

🔴Vulnerability Details

2
GHSA
GHSA-g29f-8ccj-vr2p: A SQL injection vulnerability has been identified in bwdpi2025-11-25
CVEList
CVE-2025-59369: A SQL injection vulnerability has been identified in bwdpi2025-11-25
CVE-2025-59369 (MEDIUM CVSS 5.9) | A SQL injection vulnerability has b | cvebase.io