CVE-2023-41346

Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 (affected versions not specified) ASUS RT-AC86U (affected versions not specified)

Description The authentication-related function in the ASUS RT-AX55 and RT-AC86U routers has a vulnerability due to insufficient filtering of special characters within its token-refresh module. This allows an authenticated remote attacker to exploit the vulnerability and perform a Command Injection attack, enabling them to execute arbitrary commands, disrupt the system, or terminate services.

Recommendations For ASUS RT-AX55, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For ASUS RT-AC86U, at the moment, there is no information about a newer version that contains a fix for this vulnerability.