Cross Site Scripting Vulnerability in ASUS RT-A88U Router
CVE-2021-43702

9CRITICAL

Key Information:

Vendor

Asus
Status
Zenwifi Xd4s Firmware
Vendor
CVE Published:
5 July 2022

What is CVE-2021-43702?

The ASUS RT-A88U router exhibits a Cross Site Scripting (XSS) vulnerability due to improper sanitization of WiFi logs in its admin panel. If an attacker manages to alter the SSID of the router with a crafted payload, it could lead to stored XSS, potentially allowing for unauthorized access and manipulation of the device settings.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Route...
x_refsource_MISC
https://www.kroll.com/en/insights/publications/cyber/cve-...
x_refsource_MISC

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.