Heap-based Buffer Overflow Vulnerability in ASUS RT-AC56U Configuration Function
CVE-2022-25596 · HIGH Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service.
Learn more about our Web Application Penetration Testing UK.