An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT-AX82U 3.0.0.4.386_49674-ge182230. A specially-crafted HTTP request can lead to full administrative access to the device. An attacker would need to send a series of HTTP requests to exploit this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1586 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2023-01-10T20:44:50.554Z
Updated:
Reserved: 2022-07-26T18:51:32.220Z
Link: CVE-2022-35401
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-10T21:15:11.617
Modified: 2023-01-14T04:34:51.840
Link: CVE-2022-35401
JSON object: View
Redhat Information
No data.