Path Traversal Vulnerability in ASUS RT-AX56U Router Allows Unauthorized Access and File Download

Path Traversal Vulnerability in ASUS RT-AX56U Router Allows Unauthorized Access and File Download

CVE-2022-22054 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files.

Learn more about our Network Penetration Testing.