Cross-Site Scripting Vulnerability in ASUS RT-AC51U Wireless Router
CVE-2023-29772

5.2MEDIUM

Key Information:

Vendor: Asus
Status: Rt-ac51u Firmware
Vendor: CVE Published:; 2 May 2023

Summary

The ASUS RT-AC51U wireless router contains a Cross-site Scripting (XSS) vulnerability that affects the System Log/General Log page of the administrator web interface. This flaw allows remote attackers to inject arbitrary web scripts or HTML through crafted network requests, potentially compromising the integrity of the web UI and exposing sensitive information. Users of affected firmware versions should take immediate action to protect their devices from exploitation.

References

https://gitlab.com/donnm/cves/-/blob/master/xss_rtac51u_s...

CVSS V3.1

Score:

5.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 2, 2023
Vulnerability Reserved
Apr 7, 2023