Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-41436

An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.

Published

2021-11-19T12:15:09.390

Last Modified

2024-11-21T06:26:15.047

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Primary
CWE-444

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	asus	gt-ax11000_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	gt-ax11000	-	No
Operating System	asus	rt-ax3000_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax3000	-	No
Operating System	asus	rt-ax55_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax55	-	No
Operating System	asus	rt-ax56u_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax56u	-	No
Operating System	asus	rt-ax56u_v2_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax56u_v2	-	No
Operating System	asus	rt-ax58u_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax58u	-	No
Operating System	asus	rt-ax82u_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax82u	-	No
Operating System	asus	rt-ax82u_gundam_edition_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax82u_gundam_edition	-	No
Operating System	asus	rt-ax82u_gundam_edition_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax82u_gundam_edition	-	No
Operating System	asus	rt-ax86u_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax86u	-	No
Operating System	asus	rt-ax86s_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax86s	-	No
Operating System	asus	rt-ax86u_zaku_ii_edition_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax86u_zaku_ii_edition	-	No
Operating System	asus	rt-ax88u_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax88u	-	No
Operating System	asus	rt-ax92u_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	rt-ax92u	-	No
Operating System	asus	tuf_gaming_ax3000_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	tuf_gaming_ax3000	-	No
Operating System	asus	tuf-ax5400_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	tuf-ax5400	-	No
Operating System	asus	zenwifi_xd6_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	zenwifi_xd6	-	No
Operating System	asus	zenwifi_ax_\(xt8\)_firmware	< 3.0.0.4.386.45898	Yes
Hardware	asus	zenwifi_ax_\(xt8\)	-	No
Operating System	asus	rt-ax68u_firmware	< 3.0.0.4.386.45911	Yes
Hardware	asus	rt-ax68u	-	No

References

http://asus.com Vendor Advisory ([email protected])
https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios Product, Vendor Advisory ([email protected])
https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/ Product, Vendor Advisory ([email protected])
https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/ Product, Vendor Advisory ([email protected])
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/ Product, Vendor Advisory ([email protected])
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/ Product, Vendor Advisory ([email protected])
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/ Product, Vendor Advisory ([email protected])
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/ Product, Vendor Advisory ([email protected])
http://asus.com Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/ Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/ Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/ Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/ Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/ Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/ Product, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)