ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-6056-b0d90-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2022-04-26T00:00:00
Updated: 2022-06-20T05:30:30
Reserved: 2022-03-08T00:00:00
Link: CVE-2022-26669
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-20T06:15:08.903
Modified: 2022-06-27T18:45:05.067
Link: CVE-2022-26669
JSON object: View
Redhat Information
No data.
CWE