CVE-2021-43702

9CRITICAL

Key Information

Vendor: Asus
Status: Zenwifi Xd4s Firmware
Vendor: CVE Published:; 5 July 2022

Summary

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published.
Jul 5, 2022
Vulnerability Reserved.
Nov 15, 2021

Collectors

NVD DatabaseMitre Database