Cyber Resilience

CVE-2023-35086

High

Published: 21 July 2023

Published
21 July 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.7589 98.9th percentile
Risk Priority 60 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-35086 is a high-severity Use of Externally-Controlled Format String (CWE-134) vulnerability in Asus Rt-Ac86U Firmware. Its CVSS base score is 7.2 (High).

Operationally, ranked in the top 1.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A format string vulnerability exists in the do_detwan_cgi module of httpd on ASUS RT-AX56U V2 and RT-AC86U routers. The flaw is caused by the logmessage_normal function directly passing untrusted input as a format string to syslog and affects firmware versions 3.0.0.4.386_50460 on the RT-AX56U V2 and 3.0.0.4_386_51529 on the RT-AC86U.

A remote attacker who already possesses administrator credentials can exploit the weakness over the network to achieve arbitrary code execution, arbitrary system operations, or denial of service.

Public advisories published by TWCERT at the referenced URLs describe the issue and affected firmware but do not provide additional mitigation details beyond the CVE record. The associated EPSS score has remained at its peak value of 0.7589 since disclosure.

EU & UK References

Vulnerability details

It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. A remote attacker…

more

with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service. This issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

asus
rt-ac86u firmware
3.0.0.4_386_51529
asus
rt-ax56u v2 firmware
3.0.0.4.386_50460

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References