CVE-2021-37910

LOW

ASUS routers - DoS

Title source: llm

Description

ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.

Exploits (1)

nomisec WORKING POC 17 stars

by efchatz · poc

https://github.com/efchatz/easy-exploits

View Code ZIP pw:eip

References (1)

[Third Party Advisory] https://www.twcert.org.tw/tw/cp-132-5259-22a26-1.html

Scores

CVSS v3 3.7

EPSS 0.0357

EPSS Percentile 87.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE

CWE-799

Status published

Products (5)

asus/gt-axe11000_firmware < 3.0.0.4.386.45898

asus/rt-ax3000_firmware < 3.0.0.4.386.45898

asus/rt-ax55_firmware < 3.0.0.4.386.45898

asus/rt-ax58u_firmware < 3.0.0.4.386.45898

asus/tuf-ax3000_firmware < 3.0.0.4.386.45898

Published Nov 12, 2021

Tracked Since Feb 18, 2026