CVE-2021-44158
HIGHASUS RT-AX56U Firmware - Authenticated Stack-Based Buffer Overflow via HTTPD Parameter
Title source: llmDescription
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.twcert.org.tw/tw/cp-132-5431-d23be-1.html
Scores
CVSS v3
8.0
EPSS
0.0068
EPSS Percentile
47.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-1284
CWE-121
Status
published
Products (1)
asus/rt-ax56u_firmware
3.0.0.4.386.44266
Published
Jan 03, 2022
Tracked Since
Feb 18, 2026