CVE-2023-33548

EUVD-2023-37705
Cross Site Scripting (XSS) vulnerability in ASUS RT-AC51U with firmware versions up to and including 3.0.0.4.380.8591 allows attackers to run arbitrary code via the WPA Pre-Shared Key field.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
asusrt-ac51u_firmware
𝑥
≤ 3.0.0.4.380.8591
ADP
Common Weakness Enumeration
References
https://github.com/Idaht/ASUS_RT-AC51U_CVE/blob/main/XSS%20-%20WPA%20Pre-Shared%20Key
https://github.com/Idaht/ASUS_RT-AC51U_CVE/blob/main/XSS%20-%20WPA%20Pre-Shared%20Key