CVE-2023-28702

Name of the Vulnerable Software and Affected Versions ASUS RT-AC86U (affected versions not specified)

Description The issue exists due to the lack of neutralization of special elements used in the operating system command. A remote attacker with normal user privileges can exploit this to perform a command injection attack, executing arbitrary system commands, disrupting the system, or terminating the service. The vulnerability is related to the failure to filter special characters for parameters in specific web URLs.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.