Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ASUS RT-AC86U - Command Injection
Vulnerability Description
ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
ASUS RT-AC86U 安全漏洞
Vulnerability Description
ASUS RT-AC86U是中国华硕(ASUS)公司的一款双频 Wi-Fi 路由器。 ASUS RT-AC86U 存在安全漏洞,该漏洞源于 LPD 服务对用户请求中的特殊字符过滤不足,未经身份验证的 LAN 攻击者可以进行命令注入攻击,执行任意命令并中断或终止服务。
CVSS Information
N/A
Vulnerability Type
N/A