ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-5786-d2e86-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2022-03-02T00:00:00
Updated: 2022-04-07T18:22:27
Reserved: 2022-01-26T00:00:00
Link: CVE-2022-23972
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-07T19:15:08.593
Modified: 2022-04-14T15:42:03.603
Link: CVE-2022-23972
JSON object: View
Redhat Information
No data.
CWE