CVE-2024-3080

EUVD-2024-31686
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
asusrt-ax58u_firmware
𝑥
< 3.0.0.4.388_24762
ADP
asusrt-ax88u_firmware
𝑥
< 3.0.0.4.388_24209
ADP
asusrt-ax57_firmware
𝑥
< 3.0.0.4.386_52294
ADP
asusrt-ac86u_firmware
𝑥
< 3.0.0.4.386_51915
ADP
asusrt-ac68u_firmware
𝑥
< 3.0.0.4.386_51668
ADP
asuszenwifi_xt8_firmware
𝑥
< 3.0.0.4.388_24609
ADP
asuszenwifi_xt8_v2_firmware
𝑥
< 3.0.0.4.388_24609
ADP
Common Weakness Enumeration
References
https://www.twcert.org.tw/en/cp-139-7860-760b1-2.html
https://www.twcert.org.tw/tw/cp-132-7859-0e104-1.html
https://www.twcert.org.tw/en/cp-139-7860-760b1-2.html
https://www.twcert.org.tw/tw/cp-132-7859-0e104-1.html