CVE-2023-33548

MEDIUM

ASUS RT-AC51U <3.0.0.4.380.8591 - XSS

Title source: llm

Description

Cross Site Scripting (XSS) vulnerability in ASUS RT-AC51U with firmware versions up to and including 3.0.0.4.380.8591 allows attackers to run arbitrary code via the WPA Pre-Shared Key field.

References (1)

Core 1

Core References

Various Sources

https://github.com/Idaht/ASUS_RT-AC51U_CVE/blob/main/XSS%20-%20WPA%20Pre-Shared%20Key

View Writeup ZIP pw:eip

Scores

CVSS v3 6.8

EPSS 0.0016

EPSS Percentile 36.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Published May 06, 2024

Tracked Since Feb 18, 2026