SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  ASUS ExpertWiFi Remote Code Execution

Category: IoT-ATTACKS      

ASUS ExpertWiFi EBM63, EBM68, and RT-AX57 Go firmwares before the 12-04-2024 patch contain a command injection vulnerability in splash_page_SDN.cgi function. If exploited, this vulnerability allows an authenticated user to abuse a ASUS Wifi service, resulting in arbitrary code execution. Prerequisite The vulnerability is an authenticated RCE, users of this script are required to first retrieve the login token (value of asus_token from the cookie header) of the target.


Relevant Information