{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-59367", "assignerOrgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "state": "PUBLISHED", "assignerShortName": "ASUS", "dateReserved": "2025-09-15T01:36:47.357Z", "datePublished": "2025-11-13T02:09:55.309Z", "dateUpdated": "2025-11-14T04:55:37.062Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "DSL-AC51", "vendor": "ASUS", "versions": [{"status": "affected", "version": "Before 1.1.2.3_1010"}]}, {"defaultStatus": "unaffected", "product": "DSL-N16", "vendor": "ASUS", "versions": [{"status": "affected", "version": "Before 1.1.2.3_1010"}]}, {"defaultStatus": "unaffected", "product": "DSL-AC750", "vendor": "ASUS", "versions": [{"status": "affected", "version": "Before 1.1.2.3_1010"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information.<br>"}], "value": "An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "CWE-288: Authentication Bypass by Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "shortName": "ASUS", "dateUpdated": "2025-11-13T02:09:55.309Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.asus.com/security-advisory"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://www.asus.com/security-advisory", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-13T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-59367"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-14T04:55:37.062Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-59367", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-11-13T14:28:23.101545Z"}}}], "references": [{"url": "https://www.asus.com/security-advisory", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-13T14:28:25.091Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ASUS", "product": "DSL-AC51", "versions": [{"status": "affected", "version": "Before 1.1.2.3_1010"}], "defaultStatus": "unaffected"}, {"vendor": "ASUS", "product": "DSL-N16", "versions": [{"status": "affected", "version": "Before 1.1.2.3_1010"}], "defaultStatus": "unaffected"}, {"vendor": "ASUS", "product": "DSL-AC750", "versions": [{"status": "affected", "version": "Before 1.1.2.3_1010"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.asus.com/security-advisory", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information.", "supportingMedia": [{"type": "text/html", "value": "An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "CWE-288: Authentication Bypass by Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "shortName": "ASUS", "dateUpdated": "2025-11-13T02:09:55.309Z"}}}, "cveMetadata": {"cveId": "CVE-2025-59367", "state": "PUBLISHED", "dateUpdated": "2025-11-14T04:55:37.062Z", "dateReserved": "2025-09-15T01:36:47.357Z", "assignerOrgId": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "datePublished": "2025-11-13T02:09:55.309Z", "assignerShortName": "ASUS"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac51_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "09D3E242-53F7-4BE5-9D02-56512FD95835", "versionEndExcluding": "1.1.2.3_1010", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac51:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAC348F1-6C46-4637-A27F-D69DD1AC77F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-n16_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A363206E-339B-4515-ABAA-D558187D3308", "versionEndExcluding": "1.1.2.3_1010", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-n16:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDF90D44-4CD7-4166-A139-9F4A8D14F483", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:dsl-ac750_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "69C7FF0F-A0B6-4AFA-9CCD-6D96678D7E71", "versionEndExcluding": "1.1.2.3_1010", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:dsl-ac750:-:*:*:*:*:*:*:*", "matchCriteriaId": "E54AD746-EEEE-4987-B343-36328D638398", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information."}], "id": "CVE-2025-59367", "lastModified": "2026-02-06T14:47:50.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "type": "Secondary"}]}, "published": "2025-11-13T03:16:26.327", "references": [{"source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "tags": ["Vendor Advisory"], "url": "https://www.asus.com/security-advisory"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Vendor Advisory"], "url": "https://www.asus.com/security-advisory"}], "sourceIdentifier": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-306"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"created": "2025-11-13T09:52:05.164482+00:00", "updated": "2025-11-13T09:52:05.164526+00:00", "vendors": ["asus", "asus$PRODUCT$dsl-ac51", "asus$PRODUCT$dsl-ac750", "asus$PRODUCT$dsl-n16"]}