Buffer Overflow Vulnerability in ASUS RT-AX88U Router
CVE-2024-33278

Currently unrated

Key Information:

Vendor: ASUS
Status: RT-AX88U Router
Vendor: CVE Published:; 24 June 2024

Summary

A buffer overflow vulnerability has been identified in the ASUS RT-AX88U router when running firmware version v3.0.0.4.388_24198. This issue arises from improper length validation for the cookie field within the connection state machine, enabling remote attackers to potentially execute arbitrary code. Users of the RT-AX88U router are urged to review ASUS's security advisory for mitigation strategies and available firmware updates to safeguard their devices.

References

https://www.asus.com/content/asus-product-security-advisory/

https://gist.github.com/viktoredstrom/cd2580fb0e93e47133b...

Timeline

Vulnerability published
Jun 24, 2024
Vulnerability Reserved
Apr 23, 2024