CVE-2024-12912

Name of the Vulnerable Software and Affected Versions ASUS AiCloud (affected versions not specified)

Description An improper input insertion issue exists in AiCloud on certain ASUS router models. This can allow a remote attacker to execute arbitrary commands. The issue involves a failure to properly sanitize data at the management level. Multiple reports indicate a potential link to ongoing investigations and possible exploitation in the wild. The vulnerability is documented in the '01/02/2025 ASUS Router AiCloud vulnerability' section of the ASUS Security Advisory. No information is available regarding the number of potentially affected devices.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.