CVE-2024-11985

Summary

An improper input validation vulnerability leads to device crashes in certain ASUS router models. Refer to the '12/03/2024 ASUS Router Improper Input Validation' section on the ASUS Security Advisory for more information.

Affected Software

VendorProductVersion RangeStatus
ASUSRT-AX55before 3.0.0.4.386_52332affected
ASUSRT-AX55 V2before 3.0.0.4.386_52332affected
ASUSRT-AX56Ubefore 3.0.0.4.386_51712affected
ASUSRT-AX56U_V2before 3.0.0.4.386_52332affected
ASUSRT-AX57before 3.0.0.4.386_52332affected
ASUSRT-AX58Ubefore 3.0.0.4_388_25127affected
ASUSRT-AX58U V2before 3.0.0.4_388_25127affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References