Asus Rt-ax86u Firmware < 9.0.0.4_386 - Buffer Overflow
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data.
ASUS RT-AC3200 <3.0.0.4.382.50010 - Command Injection
System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.