ASUS RT-A88U 3.0.0.4.386_45898 - Stored Cross Site Scripting (XSS) Vulnerability in WiFI Logs

ASUS RT-A88U 3.0.0.4.386_45898 - Stored Cross Site Scripting (XSS) Vulnerability in WiFI Logs

CVE-2021-43702 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device.

Learn more about our Web Application Penetration Testing UK.