PT-2021-11914 · Asus · Asus Rt-Ax86
Published
2021-02-01
·
Updated
2023-01-22
·
CVE-2020-36109
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
ASUS RT-AX86U router firmware versions prior to 9.0.0.4 386
Description:
The issue is related to a buffer overflow in the
blocking request.cgi function of the httpd module. This can cause code execution when an attacker constructs malicious data.Recommendations:
For versions prior to 9.0.0.4 386, update to version 9.0.0.4 386 or later to resolve the issue. As a temporary workaround, consider restricting access to the
httpd module or the blocking request.cgi function until a patch is applied.Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Asus Rt-Ax86