CVE-2025-59371

CWE-3303 documents3 sources
Severity
7.5HIGH
EPSS
0.2%
top 52.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Asus Router
Timeline
PublishedNov 25

Description

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5asus/router3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102+2

🔴Vulnerability Details

2
GHSA
GHSA-469j-6572-rhpj: An authentication bypass vulnerability has been identified in the IFTTT integration feature2025-11-25
CVEList
CVE-2025-59371: An authentication bypass vulnerability has been identified in the IFTTT integration feature2025-11-25
CVE-2025-59371 (HIGH CVSS 7.5) | An authentication bypass vulnerabil | cvebase.io