Vulnerability Details CVE-2021-43702
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.0%
CVSS Severity
CVSS v3 Score 9.0
CVSS v2 Score 3.5
References
- https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/
- https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch
- https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/
- https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch
Products affected by CVE-2021-43702
-
cpe:2.3:h:asus:4g-ac53u:-
-
cpe:2.3:h:asus:4g-ac68u:-
-
cpe:2.3:h:asus:rog_rapture_gt-ac2900:-
-
cpe:2.3:h:asus:rog_rapture_gt-ac5300:-
-
cpe:2.3:h:asus:rog_rapture_gt-ax11000:-
-
cpe:2.3:h:asus:rt-ac1200:-
-
cpe:2.3:h:asus:rt-ac1200e:-
-
cpe:2.3:h:asus:rt-ac1200g+:-
-
cpe:2.3:h:asus:rt-ac1200g:-
-
cpe:2.3:h:asus:rt-ac1200gu:-
-
cpe:2.3:h:asus:rt-ac1200hp:-
-
cpe:2.3:h:asus:rt-ac1300g+:-
-
cpe:2.3:h:asus:rt-ac1300uhp:-
-
cpe:2.3:h:asus:rt-ac1750:-
-
cpe:2.3:h:asus:rt-ac1750_b1_:-
-
cpe:2.3:h:asus:rt-ac1900:-
-
cpe:2.3:h:asus:rt-ac1900p:-
-
cpe:2.3:h:asus:rt-ac1900u:-
-
cpe:2.3:h:asus:rt-ac2200:-
-
cpe:2.3:h:asus:rt-ac2400:-
-
cpe:2.3:h:asus:rt-ac2600:-
-
cpe:2.3:h:asus:rt-ac2900:-
-
cpe:2.3:h:asus:rt-ac3100:-
-
cpe:2.3:h:asus:rt-ac3200:-
-
cpe:2.3:h:asus:rt-ac51u+:-
-
cpe:2.3:h:asus:rt-ac51u:-
-
cpe:2.3:h:asus:rt-ac52u_b1:-
-
cpe:2.3:h:asus:rt-ac5300:-
-
cpe:2.3:h:asus:rt-ac53:-
-
cpe:2.3:h:asus:rt-ac55u:-
-
cpe:2.3:h:asus:rt-ac55uhp:-
-
cpe:2.3:h:asus:rt-ac56r:-
-
cpe:2.3:h:asus:rt-ac56s:-
-
cpe:2.3:h:asus:rt-ac56u:-
-
cpe:2.3:h:asus:rt-ac57u:-
-
cpe:2.3:h:asus:rt-ac58u:-
-
cpe:2.3:h:asus:rt-ac65p:-
-
cpe:2.3:h:asus:rt-ac65u:-
-
cpe:2.3:h:asus:rt-ac66r:-
-
cpe:2.3:h:asus:rt-ac66u+:-
-
cpe:2.3:h:asus:rt-ac66u:-
-
cpe:2.3:h:asus:rt-ac66u_b1:-
-
cpe:2.3:h:asus:rt-ac66w:-
-
cpe:2.3:h:asus:rt-ac68p:-
-
cpe:2.3:h:asus:rt-ac68r:-
-
cpe:2.3:h:asus:rt-ac68u:-
-
cpe:2.3:h:asus:rt-ac68uf:-
-
cpe:2.3:h:asus:rt-ac68w:-
-
cpe:2.3:h:asus:rt-ac85p:-
-
cpe:2.3:h:asus:rt-ac85u:-
-
cpe:2.3:h:asus:rt-ac86u:-
-
cpe:2.3:h:asus:rt-ac87r:-
-
cpe:2.3:h:asus:rt-ac87u:-
-
cpe:2.3:h:asus:rt-ac88u:-
-
cpe:2.3:h:asus:rt-acrh13:-
-
cpe:2.3:h:asus:rt-acrh17:-
-
cpe:2.3:h:asus:rt-ax3000:-
-
cpe:2.3:h:asus:rt-ax55:-
-
cpe:2.3:h:asus:rt-ax56u:-
-
cpe:2.3:h:asus:rt-ax58u:-
-
cpe:2.3:h:asus:rt-ax68u:-
-
cpe:2.3:h:asus:rt-ax82u:-
-
cpe:2.3:h:asus:rt-ax86u:-
-
cpe:2.3:h:asus:rt-ax88u:-
-
cpe:2.3:h:asus:rt-ax89x:-
-
cpe:2.3:h:asus:rt-ax92u:-
-
cpe:2.3:h:asus:rt-n12+_b1:-
-
cpe:2.3:h:asus:rt-n12d1:-
-
cpe:2.3:h:asus:rt-n12e_b1:-
-
cpe:2.3:h:asus:rt-n12e_c1:-
-
cpe:2.3:h:asus:rt-n12hp_b1:-
-
cpe:2.3:h:asus:rt-n12vp_b1:-
-
cpe:2.3:h:asus:rt-n14uhp:-
-
cpe:2.3:h:asus:rt-n18u:-
-
cpe:2.3:h:asus:rt-n19:-
-
cpe:2.3:h:asus:rt-n66c1:-
-
cpe:2.3:h:asus:rt-n66r:-
-
cpe:2.3:h:asus:rt-n66u:-
-
cpe:2.3:h:asus:rt-n66w:-
-
cpe:2.3:h:asus:tuf_gaming_ax3000_v2:-
-
cpe:2.3:h:asus:tuf_gaming_ax5400:-
-
cpe:2.3:h:asus:zenwifi__pro_xt12:-
-
cpe:2.3:h:asus:zenwifi_ac:-
-
cpe:2.3:h:asus:zenwifi_ac_mini:-
-
cpe:2.3:h:asus:zenwifi_ax:-
-
cpe:2.3:h:asus:zenwifi_ax_hybrid:-
-
cpe:2.3:h:asus:zenwifi_ax_mini:-
-
cpe:2.3:h:asus:zenwifi_et8:-
-
cpe:2.3:h:asus:zenwifi_pro_et12:-
-
cpe:2.3:h:asus:zenwifi_xd4s:-
-
cpe:2.3:h:asus:zenwifi_xd5:-
-
cpe:2.3:h:asus:zenwifi_xd6:-
-
cpe:2.3:h:asus:zenwifi_xt9:-
-
cpe:2.3:o:asus:4g-ac53u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:4g-ac68u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rog_rapture_gt-ac2900_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rog_rapture_gt-ac5300_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rog_rapture_gt-ax11000_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1200_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1200e_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1200g+_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1200g_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1200gu_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1200hp_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1300g+_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1300uhp_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1750_b1__firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1900_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1900p_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac1900u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac2200_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac2400_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac2600_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac2900_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac3100_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac3200_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac51u+_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac51u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac5300_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac53_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac55u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac55uhp_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac56r_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac56s_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac56u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac57u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac58u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac65p_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac65u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac66r_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac66u+_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac66u_b1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac66w_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac68p_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac68r_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac68uf_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac68w_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac85p_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac85u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac87r_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac87u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ac88u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-acrh13_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-acrh17_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax3000_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax55_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax58u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax68u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax82u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax86u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax88u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax89x_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-ax92u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n12+_b1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n12d1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n12e_b1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n12e_c1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n12hp_b1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n12vp_b1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n14uhp_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n18u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n19_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n66c1_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n66r_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:rt-n66w_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:tuf_gaming_ax3000_v2_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:tuf_gaming_ax5400_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi__pro_xt12_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_ac_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_ac_mini_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_ax_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_ax_hybrid_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_ax_mini_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_et8_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_pro_et12_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_xd4s_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_xd5_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_xd6_firmware:3.0.0.4.386.46061
-
cpe:2.3:o:asus:zenwifi_xt9_firmware:3.0.0.4.386.46061