Security Advisory

CVE-2022-26376

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-08-05 21:18:47

Last updated 2025-04-15 18:53:55

Assigner talos

State PUBLISHED

Description

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗