ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2023-09-18T02:36:30.234Z
Updated: 2023-09-18T02:36:30.234Z
Reserved: 2023-08-29T00:11:47.812Z
Link: CVE-2023-41349
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-18T03:15:08.113
Modified: 2023-09-19T21:23:04.903
Link: CVE-2023-41349
JSON object: View
Redhat Information
No data.
CWE