PT-2024-12434 · Asus · Asus Rt-Ac51U

Donn Morrison

Published

2024-05-06

Updated

2024-05-07

CVE-2023-33548

CVSS v3.1

6.8

Medium

Vector

AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ASUS RT-AC51U versions up to and including 3.0.0.4.380.8591

Description A Cross Site Scripting (XSS) issue allows attackers to run arbitrary code via the WPA Pre-Shared Key field. This enables attackers to execute malicious scripts, potentially leading to unauthorized access or control of the system.

Recommendations For versions up to and including 3.0.0.4.380.8591, update the firmware to a version later than 3.0.0.4.380.8591 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-33548

Affected Products

Asus Rt-Ac51U

PT-2024-12434 · Asus · Asus Rt-Ac51U

CVE-2023-33548

Weakness Enumeration

Related Identifiers

Affected Products

References · 4