ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-7371-aecf1-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2023-09-18T02:36:30.234Z
Updated: 2024-08-02T19:01:34.257Z
Reserved: 2023-08-29T00:11:47.812Z
Link: CVE-2023-41349
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-18T03:15:08.113
Modified: 2023-09-19T21:23:04.903
Link: CVE-2023-41349
Redhat
No data.