CVE-2022-26674
ASUS RT-AX88U - Format String
In short
The ASUS RT-AX88U router has a flaw that lets attackers send specially crafted messages to trigger code execution without needing a password. This allows them to take full control of the router.
Technical detail
A format string vulnerability in ASUS RT-AX88U enables an unauthenticated remote attacker to write to arbitrary memory locations via crafted input, leading to arbitrary code execution and complete system compromise. The attack requires network access to the vulnerable service but no prior authentication.
Summary generated and translated by AI from the official description.
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
ASUS · RT-AX88UWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →