ASUS RT-AX56U’s SQL handling function has an SQL...
High severity
Unreviewed
Published
Apr 8, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Apr 7, 2022
Published to the GitHub Advisory Database
Apr 8, 2022
Last updated
Jan 27, 2023
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database.
References