Security Advisory

CVE-2023-39240

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-07 07:25:32

Last updated 2024-09-26 19:19:30

Assigner twcert

State PUBLISHED

Description

It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.

← Browse all CVEs View on cve.org ↗