CVE-2024-3912

CRITICAL

ASUS Router - Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-3912. PoCs published by H4rk3nz0.

AI-analyzed exploit summary: This repository contains a functional exploit PoC for CVE-2024-3912, targeting ASUS routers. The exploit leverages a two-stage attack: first, it writes a shell script to a temporary file via SETROOTCERTIFICATE, then triggers execution via RC_SERVICE backtick injection in the APPLYAPP endpoint.

Description

Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the device.

Exploits (1)

nomisec WORKING POC
by H4rk3nz0 · poc
https://github.com/H4rk3nz0/CVE-2024-3912

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ASUS router (specific version not specified)
Authentication: No auth needed
Prerequisites: Network access to the target router · TLS connectivity to the router's management interface
devstral-2 · analyzed Mar 06, 2026

References (2)

Core References
Various Sources third-party-advisory
https://www.twcert.org.tw/tw/cp-132-7875-872d3-1.html
Various Sources third-party-advisory
https://www.twcert.org.tw/en/cp-139-7876-396bd-2.html

Scores

CVSS v3 9.8
EPSS 0.0103
EPSS Percentile 59.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-434
Status published
Products (22)
ASUS/DSL-AC51 earlier - 1.1.2.3_999
ASUS/DSL-AC52 All
ASUS/DSL-AC52U earlier - 1.1.2.3_999
ASUS/DSL-AC55 All
ASUS/DSL-AC55U earlier - 1.1.2.3_999
ASUS/DSL-AC56U earlier - 1.1.2.3_999
ASUS/DSL-AC750 earlier - 1.1.2.3_999
ASUS/DSL-N10_C1 All
ASUS/DSL-N10_D1 All
ASUS/DSL-N10P_C1 All
... and 12 more
Published Jun 14, 2024
Tracked Since Feb 18, 2026