9

CVE-2021-43702

Exploit

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.

Data is provided by the National Vulnerability Database (NVD)
AsusZenwifi Xd4s Firmware Version3.0.0.4.386.46061
   AsusZenwifi Xd4s Version-
AsusZenwifi Xt9 Firmware Version3.0.0.4.386.46061
   AsusZenwifi Xt9 Version-
AsusZenwifi Xd5 Firmware Version3.0.0.4.386.46061
   AsusZenwifi Xd5 Version-
AsusZenwifi Pro Et12 Firmware Version3.0.0.4.386.46061
   AsusZenwifi Pro Et12 Version-
AsusZenwifi Pro Xt12 Firmware Version3.0.0.4.386.46061
   AsusZenwifi Pro Xt12 Version-
AsusZenwifi Ax Hybrid Firmware Version3.0.0.4.386.46061
   AsusZenwifi Ax Hybrid Version-
AsusZenwifi Et8 Firmware Version3.0.0.4.386.46061
   AsusZenwifi Et8 Version-
AsusZenwifi Xd6 Firmware Version3.0.0.4.386.46061
   AsusZenwifi Xd6 Version-
AsusZenwifi Ac Mini Firmware Version3.0.0.4.386.46061
   AsusZenwifi Ac Mini Version-
AsusZenwifi Ax Mini Firmware Version3.0.0.4.386.46061
   AsusZenwifi Ax Mini Version-
AsusZenwifi Ax Firmware Version3.0.0.4.386.46061
   AsusZenwifi Ax Version-
AsusZenwifi Ac Firmware Version3.0.0.4.386.46061
   AsusZenwifi Ac Version-
AsusRt-ac66u B1 Firmware Version3.0.0.4.386.46061
   AsusRt-ac66u B1 Version-
AsusRt-ax88u Firmware Version3.0.0.4.386.46061
   AsusRt-ax88u Version-
AsusRt-ax82u Firmware Version3.0.0.4.386.46061
   AsusRt-ax82u Version-
AsusRt-ax89x Firmware Version3.0.0.4.386.46061
   AsusRt-ax89x Version-
AsusRt-ax92u Firmware Version3.0.0.4.386.46061
   AsusRt-ax92u Version-
AsusRt-ax86u Firmware Version3.0.0.4.386.46061
   AsusRt-ax86u Version-
AsusRt-ax68u Firmware Version3.0.0.4.386.46061
   AsusRt-ax68u Version-
AsusRt-ax82u Firmware Version3.0.0.4.386.46061
   AsusRt-ax82u Version-
AsusRt-ax3000 Firmware Version3.0.0.4.386.46061
   AsusRt-ax3000 Version-
AsusRt-ax58u Firmware Version3.0.0.4.386.46061
   AsusRt-ax58u Version-
AsusRt-ax55 Firmware Version3.0.0.4.386.46061
   AsusRt-ax55 Version-
AsusRt-ax56u Firmware Version3.0.0.4.386.46061
   AsusRt-ax56u Version-
AsusRt-ac66u+ Firmware Version3.0.0.4.386.46061
   AsusRt-ac66u+ Version-
AsusRog Rapture Gt-ac5300 Firmware Version3.0.0.4.386.46061
   AsusRog Rapture Gt-ac5300 Version-
AsusRog Rapture Gt-ax11000 Firmware Version3.0.0.4.386.46061
   AsusRog Rapture Gt-ax11000 Version-
AsusRog Rapture Gt-ac2900 Firmware Version3.0.0.4.386.46061
   AsusRog Rapture Gt-ac2900 Version-
AsusRt-ac1300uhp Firmware Version3.0.0.4.386.46061
   AsusRt-ac1300uhp Version-
AsusRt-ac1300g+ Firmware Version3.0.0.4.386.46061
   AsusRt-ac1300g+ Version-
AsusTuf Gaming Ax5400 Firmware Version3.0.0.4.386.46061
   AsusTuf Gaming Ax5400 Version-
AsusTuf Gaming Ax3000 V2 Firmware Version3.0.0.4.386.46061
   AsusTuf Gaming Ax3000 V2 Version-
AsusRt-ac1200 Firmware Version3.0.0.4.386.46061
   AsusRt-ac1200 Version-
AsusRt-ac5300 Firmware Version3.0.0.4.386.46061
   AsusRt-ac5300 Version-
AsusRt-ac1200g Firmware Version3.0.0.4.386.46061
   AsusRt-ac1200g Version-
AsusRt-ac1200hp Firmware Version3.0.0.4.386.46061
   AsusRt-ac1200hp Version-
AsusRt-ac1200g+ Firmware Version3.0.0.4.386.46061
   AsusRt-ac1200g+ Version-
AsusRt-ac1200e Firmware Version3.0.0.4.386.46061
   AsusRt-ac1200e Version-
AsusRt-ac1200gu Firmware Version3.0.0.4.386.46061
   AsusRt-ac1200gu Version-
AsusRt-ac3100 Firmware Version3.0.0.4.386.46061
   AsusRt-ac3100 Version-
AsusRt-ac58u Firmware Version3.0.0.4.386.46061
   AsusRt-ac58u Version-
AsusRt-ac88u Firmware Version3.0.0.4.386.46061
   AsusRt-ac88u Version-
AsusRt-ac56u Firmware Version3.0.0.4.386.46061
   AsusRt-ac56u Version-
AsusRt-ac56r Firmware Version3.0.0.4.386.46061
   AsusRt-ac56r Version-
AsusRt-ac56s Firmware Version3.0.0.4.386.46061
   AsusRt-ac56s Version-
AsusRt-ac3200 Firmware Version3.0.0.4.386.46061
   AsusRt-ac3200 Version-
AsusRt-ac55u Firmware Version3.0.0.4.386.46061
   AsusRt-ac55u Version-
AsusRt-ac2900 Firmware Version3.0.0.4.386.46061
   AsusRt-ac2900 Version-
AsusRt-ac55uhp Firmware Version3.0.0.4.386.46061
   AsusRt-ac55uhp Version-
AsusRt-ac2600 Firmware Version3.0.0.4.386.46061
   AsusRt-ac2600 Version-
AsusRt-ac53 Firmware Version3.0.0.4.386.46061
   AsusRt-ac53 Version-
AsusRt-ac2400 Firmware Version3.0.0.4.386.46061
   AsusRt-ac2400 Version-
AsusRt-ac52u B1 Firmware Version3.0.0.4.386.46061
   AsusRt-ac52u B1 Version-
AsusRt-ac2200 Firmware Version3.0.0.4.386.46061
   AsusRt-ac2200 Version-
AsusRt-ac51u Firmware Version3.0.0.4.386.46061
   AsusRt-ac51u Version-
AsusRt-ac51u+ Firmware Version3.0.0.4.386.46061
   AsusRt-ac51u+ Version-
AsusRt-ac87u Firmware Version3.0.0.4.386.46061
   AsusRt-ac87u Version-
AsusRt-ac87r Firmware Version3.0.0.4.386.46061
   AsusRt-ac87r Version-
AsusRt-acrh17 Firmware Version3.0.0.4.386.46061
   AsusRt-acrh17 Version-
AsusRt-ac86u Firmware Version3.0.0.4.386.46061
   AsusRt-ac86u Version-
AsusRt-acrh13 Firmware Version3.0.0.4.386.46061
   AsusRt-acrh13 Version-
AsusRt-ac85u Firmware Version3.0.0.4.386.46061
   AsusRt-ac85u Version-
AsusRt-n66u Firmware Version3.0.0.4.386.46061
   AsusRt-n66u Version-
AsusRt-n66r Firmware Version3.0.0.4.386.46061
   AsusRt-n66r Version-
AsusRt-n66w Firmware Version3.0.0.4.386.46061
   AsusRt-n66w Version-
AsusRt-n66c1 Firmware Version3.0.0.4.386.46061
   AsusRt-n66c1 Version-
AsusRt-ac85p Firmware Version3.0.0.4.386.46061
   AsusRt-ac85p Version-
AsusRt-n18u Firmware Version3.0.0.4.386.46061
   AsusRt-n18u Version-
AsusRt-ac65p Firmware Version3.0.0.4.386.46061
   AsusRt-ac65p Version-
AsusRt-n19 Firmware Version3.0.0.4.386.46061
   AsusRt-n19 Version-
AsusRt-ac57u Firmware Version3.0.0.4.386.46061
   AsusRt-ac57u Version-
AsusRt-n14uhp Firmware Version3.0.0.4.386.46061
   AsusRt-n14uhp Version-
AsusRt-ac68u Firmware Version3.0.0.4.386.46061
   AsusRt-ac68u Version-
AsusRt-ac68r Firmware Version3.0.0.4.386.46061
   AsusRt-ac68r Version-
AsusRt-ac68p Firmware Version3.0.0.4.386.46061
   AsusRt-ac68p Version-
AsusRt-ac68w Firmware Version3.0.0.4.386.46061
   AsusRt-ac68w Version-
AsusRt-ac68uf Firmware Version3.0.0.4.386.46061
   AsusRt-ac68uf Version-
AsusRt-n12e B1 Firmware Version3.0.0.4.386.46061
   AsusRt-n12e B1 Version-
AsusRt-n12e C1 Firmware Version3.0.0.4.386.46061
   AsusRt-n12e C1 Version-
AsusRt-ac65u Firmware Version3.0.0.4.386.46061
   AsusRt-ac65u Version-
AsusRt-n12hp B1 Firmware Version3.0.0.4.386.46061
   AsusRt-n12hp B1 Version-
AsusRt-ac1900 Firmware Version3.0.0.4.386.46061
   AsusRt-ac1900 Version-
AsusRt-n12vp B1 Firmware Version3.0.0.4.386.46061
   AsusRt-n12vp B1 Version-
AsusRt-ac1900p Firmware Version3.0.0.4.386.46061
   AsusRt-ac1900p Version-
AsusRt-ac1900u Firmware Version3.0.0.4.386.46061
   AsusRt-ac1900u Version-
AsusRt-n12+ B1 Firmware Version3.0.0.4.386.46061
   AsusRt-n12+ B1 Version-
AsusRt-ac1750 Firmware Version3.0.0.4.386.46061
   AsusRt-ac1750 Version-
AsusRt-n12d1 Firmware Version3.0.0.4.386.46061
   AsusRt-n12d1 Version-
AsusRt-ac1750 B1 Firmware Version3.0.0.4.386.46061
   AsusRt-ac1750 B1 Version-
Asus4g-ac53u Firmware Version3.0.0.4.386.46061
   Asus4g-ac53u Version-
AsusRt-ac66u Firmware Version3.0.0.4.386.46061
   AsusRt-ac66u Version-
AsusRt-ac66r Firmware Version3.0.0.4.386.46061
   AsusRt-ac66r Version-
AsusRt-ac66w Firmware Version3.0.0.4.386.46061
   AsusRt-ac66w Version-
Asus4g-ac68u Firmware Version3.0.0.4.386.46061
   Asus4g-ac68u Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.52% 0.658
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9 2.3 6
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:P/A:N
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.