cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-39239,https://securityvulnerability.io/vulnerability/CVE-2023-39239,ASUS RT-AX55、RT-AX56U_V2、RT-AC86U - Format String - 2,"A format string vulnerability has been identified within the General function API of the ASUS RT-AX56U V2's apply.cgi module. This flaw arises from insufficient validation of specific input values, allowing a remote attacker with administrator privileges to exploit it. Successful exploitation could lead to arbitrary code execution, unauthorized system operations, or service disruption, posing significant risks to device security and operational integrity.",Asus,"Rt-ax55,Rt-ax56u V2,Rt-ac86u",7.2,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2023-09-07T08:15:00.000Z,0
CVE-2023-39238,https://securityvulnerability.io/vulnerability/CVE-2023-39238,"Format String Vulnerability Affects ASUS RT-AX56U V2, Allows Remote Code Execution","A format string vulnerability has been identified in the ASUS RT-AX56U V2 due to insufficient validation within its set_iperf3_svr.cgi module. This flaw could allow an attacker with administrator privileges to execute arbitrary code remotely, perform unauthorized operations, or disrupt service functionalities. Organizations using this device should ensure timely updates and implement security measures to mitigate potential risks.",Asus,"Rt-ax55,Rt-ax56u V2",7.2,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2023-09-07T08:15:00.000Z,0
CVE-2023-39240,https://securityvulnerability.io/vulnerability/CVE-2023-39240,ASUS RT-AX55、RT-AX56U_V2 - Format String - 3,"A format string vulnerability exists in the iperf client function of ASUS RT-AX56U V2, specifically within the set_iperf3_cli.cgi module. Due to inadequate validation of input values, a remote attacker with administrator privileges can exploit this flaw to execute arbitrary code, perform unrestricted system operations, or cause service disruptions.",Asus,"Rt-ax55,Rt-ax56u V2",7.2,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2023-09-07T08:15:00.000Z,0
CVE-2023-35087,https://securityvulnerability.io/vulnerability/CVE-2023-35087,ASUS RT-AX56U V2 & RT-AC86U - Format String - 2,"A format string vulnerability has been identified in ASUS RT-AX56U V2 and RT-AC86U routers. This weakness arises from insufficient validation of a specific value when executing the cm_processChangedConfigMsg within the ccm_processREQ_CHANGED_CONFIG function in the AiMesh system. An unauthenticated remote attacker could exploit this vulnerability to perform arbitrary code execution, carry out arbitrary operations on the system, or potentially disrupt the service, making it crucial for users to mitigate the associated risks.",Asus,"Rt-ax56u V2,Rt-ac86u",9.8,CRITICAL,0.0006399999838322401,false,false,false,false,,false,false,2023-07-21T08:15:00.000Z,0
CVE-2023-35086,https://securityvulnerability.io/vulnerability/CVE-2023-35086,ASUS RT-AX56U V2 & RT-AC86U - Format String -1,"A format string vulnerability has been identified in ASUS RT-AX56U V2 and RT-AC86U routers, specifically within the logmessage_normal function of the do_detwan_cgi module in the HTTP daemon. This flaw allows a remote attacker with administrator privileges to exploit the system, potentially leading to arbitrary code execution and unauthorized system operations or service disruptions. The affected firmware versions include 3.0.0.4.386_50460 for RT-AX56U V2 and 3.0.0.4_386_51529 for RT-AC86U.",Asus,"Rt-ax56u V2,Rt-ac86u",7.2,HIGH,0.0006399999838322401,false,false,false,true,true,false,false,2023-07-21T07:15:00.000Z,0