An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
History
21 Nov 2024, 06:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://asus.com - Vendor Advisory | |
References | () https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios - Product, Vendor Advisory | |
References | () https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | () https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | () https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | () https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | () https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | () https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/ - Product, Vendor Advisory |
23 Nov 2021, 18:29
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:tuf_gaming_ax3000:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax92u_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:tuf-ax5400_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:zenwifi_xd6_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:* cpe:2.3:o:asus:tuf_gaming_ax3000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax86s:-:*:*:*:*:*:*:* cpe:2.3:h:asus:zenwifi_xd6:-:*:*:*:*:*:*:* cpe:2.3:h:asus:zenwifi_ax_\(xt8\):-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:tuf-ax5400:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax86s_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax56u_v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax86u_zaku_ii_edition_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:zenwifi_ax_\(xt8\)_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:asus:rt-ax86u_zaku_ii_edition:-:*:*:*:*:*:*:* |
|
CWE | CWE-444 | |
References | (MISC) https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | (MISC) https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | (MISC) https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios - Product, Vendor Advisory | |
References | (MISC) https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | (MISC) https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | (MISC) http://asus.com - Vendor Advisory | |
References | (MISC) https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/ - Product, Vendor Advisory | |
References | (MISC) https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/ - Product, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.8
v3 : 7.5 |
19 Nov 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-19 12:15
Updated : 2024-11-21 06:26
NVD link : CVE-2021-41436
Mitre link : CVE-2021-41436
CVE.ORG link : CVE-2021-41436
JSON object : View
Products Affected
asus
- gt-ax11000_firmware
- rt-ax86u_zaku_ii_edition_firmware
- rt-ax82u_gundam_edition_firmware
- zenwifi_ax_\(xt8\)_firmware
- rt-ax86s
- rt-ax86u
- rt-ax56u
- rt-ax58u
- rt-ax92u
- zenwifi_ax_\(xt8\)
- rt-ax88u
- rt-ax3000
- rt-ax3000_firmware
- tuf_gaming_ax3000
- rt-ax86u_zaku_ii_edition
- tuf-ax5400
- rt-ax56u_firmware
- rt-ax82u_gundam_edition
- rt-ax55
- zenwifi_xd6_firmware
- rt-ax56u_v2_firmware
- rt-ax82u
- rt-ax86s_firmware
- rt-ax82u_firmware
- rt-ax55_firmware
- rt-ax68u
- zenwifi_xd6
- rt-ax68u_firmware
- gt-ax11000
- rt-ax56u_v2
- rt-ax86u_firmware
- tuf_gaming_ax3000_firmware
- rt-ax58u_firmware
- rt-ax92u_firmware
- tuf-ax5400_firmware
- rt-ax88u_firmware
CWE
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')