Denial of Service Vulnerability in Asus Router Configuration Service
CVE-2022-38393

7.5HIGH

Key Information:

Vendor: Asus
Status: Rt-ax82u
Vendor: CVE Published:; 10 January 2023

Summary

A denial of service vulnerability has been identified in the configuration service of the Asus RT-AX82U router, specifically within the cm_processConnDiagPktList opcode. This vulnerability allows an attacker to disrupt the normal operation of the device by sending specially-crafted network packets. Exploiting this flaw can lead to service interruptions, severely impacting the network's reliability and security. It is crucial for users of affected versions to apply the necessary updates to safeguard against such threats.

Affected Version(s)

RT-AX82U 3.0.0.4.386_49674-ge182230

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2023
Vulnerability Reserved
Aug 17, 2022