Heap-based Buffer Overflow Vulnerability in ASUS RT-AC56U Configuration Function

Heap-based Buffer Overflow Vulnerability in ASUS RT-AC56U Configuration Function

CVE-2022-25596 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service.

Learn more about our Web Application Penetration Testing UK.