CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-22054

ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 3.3

References

https://www.twcert.org.tw/tw/cp-132-5508-59251-1.html
https://www.twcert.org.tw/tw/cp-132-5508-59251-1.html

Products affected by CVE-2022-22054

Asus » Rt-Ax56u » Version: N/A

cpe:2.3:h:asus:rt-ax56u:-
Asus » Rt-Ax56u Firmware » Version: 3.0.0.4.386.44266

cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.44266

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22054

Products

Pricing

Contact Us