{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41349", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2023-08-29T00:11:47.812Z", "datePublished": "2023-09-18T02:36:30.234Z", "dateUpdated": "2024-09-25T15:39:19.468Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "RT-AX88U", "vendor": "ASUS", "versions": [{"lessThan": "3.0.0.4_388_23748", "status": "affected", "version": " ", "versionType": "custom"}]}], "datePublic": "2023-09-18T02:36:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack,</span><span style=\"background-color: rgb(255, 255, 255);\"> resulting</span> in sensitivity information leakage<span style=\"background-color: rgb(255, 255, 255);\">, or forcing the device to reset and permanent denial of service.</span>\n\n"}], "value": "\nASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.\n\n"}], "impacts": [{"capecId": "CAPEC-135", "descriptions": [{"lang": "en", "value": "CAPEC-135 Format String Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-134", "description": "CWE-134 Use of Externally-Controlled Format String", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2023-09-18T02:36:30.234Z"}, "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update the version to&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">3.0.0.4_388_23748 or later.</span>"}], "value": "Update the version to\u00a03.0.0.4_388_23748 or later."}], "source": {"advisory": "TVN-202309010", "discovery": "EXTERNAL"}, "title": "ASUS RT-AX88U - externally-controlled format string", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:01:34.257Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "asus", "product": "rt-ax88u", "cpes": ["cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "3.0.0.4_388_23748", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-25T15:36:46.125305Z", "id": "CVE-2023-41349", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T15:39:19.468Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:01:34.257Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-41349", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-25T15:36:46.125305Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*"], "vendor": "asus", "product": "rt-ax88u", "versions": [{"status": "affected", "version": "0", "lessThan": "3.0.0.4_388_23748", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T15:37:53.518Z"}}], "cna": {"title": "ASUS RT-AX88U - externally-controlled format string", "source": {"advisory": "TVN-202309010", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-135", "descriptions": [{"lang": "en", "value": "CAPEC-135 Format String Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ASUS", "product": "RT-AX88U", "versions": [{"status": "affected", "version": " ", "lessThan": "3.0.0.4_388_23748", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update the version to\u00a03.0.0.4_388_23748 or later.", "supportingMedia": [{"type": "text/html", "value": "Update the version to&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">3.0.0.4_388_23748 or later.</span>", "base64": false}]}], "datePublic": "2023-09-18T02:36:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack,</span><span style=\"background-color: rgb(255, 255, 255);\"> resulting</span> in sensitivity information leakage<span style=\"background-color: rgb(255, 255, 255);\">, or forcing the device to reset and permanent denial of service.</span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-134", "description": "CWE-134 Use of Externally-Controlled Format String"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2023-09-18T02:36:30.234Z"}}}, "cveMetadata": {"cveId": "CVE-2023-41349", "state": "PUBLISHED", "dateUpdated": "2024-09-25T15:39:19.468Z", "dateReserved": "2023-08-29T00:11:47.812Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2023-09-18T02:36:30.234Z", "assignerShortName": "twcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "478237D3-96B5-45FA-8953-006AA06B5AE8", "versionEndExcluding": "3.0.0.4.388.23748", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.\n\n"}, {"lang": "es", "value": "El router ASUS RT-AX88U tiene una vulnerabilidad de uso de cadenas de formato controlables externamente dentro de su funci\u00f3n Advanced Open VPN. Un atacante remoto autenticado puede aprovechar la configuraci\u00f3n de OpenVPN exportada para ejecutar un ataque de cadena de formato controlado externamente, lo que resulta en una fuga de informaci\u00f3n sensible o obliga al dispositivo a reiniciarse y a la denegaci\u00f3n de servicio permanente. "}], "id": "CVE-2023-41349", "lastModified": "2024-11-21T08:21:07.613", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2023-09-18T03:15:08.113", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "twcert@cert.org.tw", "type": "Secondary"}]}

{}

{}