CVE-2024-1655

HIGH

ASUS WiFi Routers - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-1655. PoCs published by lnversed.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2024-1655, an authenticated command injection vulnerability in ASUS ExpertWiFi devices. The exploit crafts a malicious HTTP request to the splash_page_SDN.cgi endpoint, injecting arbitrary commands via a manipulated Content-Disposition header.

Description

Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by sending a specially crafted request.

Exploits (1)

nomisec WORKING POC 1 stars
by lnversed · poc
https://github.com/lnversed/CVE-2024-1655

This repository contains a functional Python exploit for CVE-2024-1655, an authenticated command injection vulnerability in ASUS ExpertWiFi devices. The exploit crafts a malicious HTTP request to the splash_page_SDN.cgi endpoint, injecting arbitrary commands via a manipulated Content-Disposition header.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ASUS ExpertWiFi EBM63, EBM68, and RT-AX57 Go firmwares before 12-04-2024 patch
Auth required
Prerequisites: Valid asus_token for authentication · Network access to the target device
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1
Core References
Various Sources third-party-advisory
https://www.twcert.org.tw/tw/cp-132-7737-1acd0-1.html

Scores

CVSS v3 8.8
EPSS 0.0203
EPSS Percentile 78.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-78
Status published
Products (3)
ASUS/ExpertWiFi EBM63 earlier - 3.0.0.6.102_32645
ASUS/ExpertWiFi EBM68 earlier - 3.0.0.6.102_44384
ASUS/RT-AX57 Go earlier - 3.0.0.6.102_22188
Published Apr 15, 2024
Tracked Since Feb 18, 2026