CVE-2024-3079

HIGH

ASUS ZenWiFi XT8, XT8 V2, RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, RT-AC68U - Authenticated Stack-based Buffer Overflow

Title source: llm
STIX 2.1

Description

Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands on the device.

References (2)

Core 2
Core References
Various Sources third-party-advisory
https://www.twcert.org.tw/tw/cp-132-7857-5726f-1.html
Various Sources third-party-advisory
https://www.twcert.org.tw/en/cp-139-7858-3c978-2.html

Scores

CVSS v3 7.2
EPSS 0.0355
EPSS Percentile 87.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-121
Status published
Products (7)
ASUS/RT-AC68U earlier - 3.0.0.4.386_51668
ASUS/RT-AC86U earlier - 3.0.0.4.386_51915
ASUS/RT-AX57 earlier - 3.0.0.4.386_52294
ASUS/RT-AX58U earlier - 3.0.0.4.388_23925
ASUS/RT-AX88U earlier - 3.0.0.4.388_24198
ASUS/ZenWiFi XT8 earlier - 3.0.0.4.388_24609
ASUS/ZenWiFi XT8 V2 earlier - 3.0.0.4.388_24609
Published Jun 14, 2024
Tracked Since Feb 18, 2026