CVE-2021-43702

Name of the Vulnerable Software and Affected Versions ASUS RT-A88U version 3.0.0.4.386 45898

Description The ASUS router admin panel does not sanitize the WiFi logs correctly. If an attacker is able to change the SSID of the router with a custom payload, they could achieve stored Cross Site Scripting (XSS) on the device.

Recommendations For version 3.0.0.4.386 45898, consider restricting access to the admin panel and avoid using custom SSID names until a patch is available. As a temporary workaround, disabling the WiFi logs or limiting their accessibility can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.