CVE-2024-0401

CVSS V2 None CVSS V3 None
Description
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS RT-AC67U, ASUS RT-AC68R, ASUS RT-AC68U, ASUS RT-AX86, ASUS RT-AC86U, ASUS RT-AX88U, and ASUS RT-AX3000.
Overview
  • CVE ID
  • CVE-2024-0401
  • Assigner
  • VulnCheck
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-05-20T16:55:18.891Z
  • Last Modified Date
  • 2024-06-04T17:58:40.749Z
References
Reference URL Reference Tags
https://vulncheck.com/advisories/asus-ovpn-rce third-party-advisory
History
Created Old Value New Value Data Type Notes
2024-06-26 10:37:11 Added to TrackCVE