CVE-2022-26674

ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-6043-0f72c-1.html Third Party Advisory VDB Entry
https://www.twcert.org.tw/tw/cp-132-6043-0f72c-1.html Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:54

Type Values Removed Values Added
References () https://www.twcert.org.tw/tw/cp-132-6043-0f72c-1.html - Third Party Advisory, VDB Entry () https://www.twcert.org.tw/tw/cp-132-6043-0f72c-1.html - Third Party Advisory, VDB Entry

Information

Published : 2022-04-22 07:15

Updated : 2024-11-21 06:54


NVD link : CVE-2022-26674

Mitre link : CVE-2022-26674

CVE.ORG link : CVE-2022-26674


JSON object : View

Products Affected

asus

  • rt-ax88u
  • rt-ax88u_firmware
CWE
CWE-134

Use of Externally-Controlled Format String