ASUS RT-AX56U V2 & RT-AC86U router firmwares below or equal to version 3.0.0.4.386_50460 and 3.0.0.4_386_51529 respectively have a format string vulnerability in the detwan.cgi function of the httpd service that can cause code execution when an attacker constructs malicious data. The vulnerability affects also other ASUS devices using httpd service.
What do you think?
It is nice to know your opinion. Leave a comment.