Improper Export Vulnerability in ASUS Router App
CVE-2026-12960

6MEDIUM

Key Information:

Vendor

Asus

Vendor
CVE Published:
3 July 2026

What is CVE-2026-12960?

The ASUS Router App contains a vulnerability that allows a malicious third-party application on the same device to initiate a crafted Intent. This can lead to the ASUS Router App opening a specified URL without proper validation, potentially compromising user privacy and security. For more details and mitigation strategies, refer to the official ASUS Security Advisory.

Affected Version(s)

Router app 0 <= 1.0.0.9.71

References

CVSS V4

Score:
6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Sedric Louissaint
.