CVE-2023-47008

Name of the Vulnerable Software and Affected Versions ASUS RT-AX57 version 3.0.0.4 386 52041

Description The issue exists due to insufficient input validation in the sub 4CCE4 function of the ASUS RT-AX57 Wi-Fi router's firmware. This allows a remote attacker to execute arbitrary code by sending a specially crafted request to the ifname field.

Recommendations For version 3.0.0.4 386 52041, as a temporary workaround, consider restricting access to the sub 4CCE4 function until a patch is available. Avoid using the ifname field in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.