ID
VAR-202204-1409
CVE
CVE-2022-25595
TITLE
ASUS RT-AC86U Input Validation Error Vulnerability
Trust: 1.2
sources:
CNVD: CNVD-2022-31520 //
CNNVD: CNNVD-202204-2609
DESCRIPTION
ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a server-to-client reply attempt. ASUSTeK Computer Inc. of RT-AC86U There is an input validation vulnerability in firmware.Service operation interruption (DoS) It may be in a state. ASUS RT-AC86U is a dual-band Wi-Fi router from ASUS China
Trust: 2.16
sources:
NVD: CVE-2022-25595 //
JVNDB: JVNDB-2022-007788 //
CNVD: CNVD-2022-31520
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2022-31520
AFFECTED PRODUCTS
| vendor: | asus | model: | rt-ac86u | scope: | eq | version: | 3.0.0.4.386.45956 | Trust: 1.6 |
| vendor: | asustek computer | model: | rt-ac86u | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | asustek computer | model: | rt-ac86u | scope: | eq | version: | rt-ac86u firmware 3.0.0.4.386.45956 | Trust: 0.8 |
| vendor: | asustek computer | model: | rt-ac86u | scope: | - | version: | - | Trust: 0.8 |
sources:
CNVD: CNVD-2022-31520 //
JVNDB: JVNDB-2022-007788 //
NVD: CVE-2022-25595
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2022-31520 //
JVNDB: JVNDB-2022-007788 //
CNNVD: CNNVD-202204-2609 //
NVD: CVE-2022-25595 //
NVD: CVE-2022-25595
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.0 |
| problemtype: | Inappropriate input confirmation (CWE-20) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-007788 //
NVD: CVE-2022-25595
THREAT TYPE
remote or local
Trust: 0.6
sources:
CNNVD: CNNVD-202204-2609
TYPE
input validation error
Trust: 0.6
sources:
CNNVD: CNNVD-202204-2609
PATCH
| title: | Patch for ASUS RT-AC86U Input Validation Error Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/330246 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-31520
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-25595 | Trust: 3.8 |
| db: | JVNDB | id: | JVNDB-2022-007788 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2022-31520 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202204-2609 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-31520 //
JVNDB: JVNDB-2022-007788 //
CNNVD: CNNVD-202204-2609 //
NVD: CVE-2022-25595
REFERENCES
| url: | https://www.twcert.org.tw/tw/cp-132-5792-3f3f5-1.html | Trust: 2.4 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-25595 | Trust: 1.4 |
| url: | https://cxsecurity.com/cveshow/cve-2022-25595/ | Trust: 0.6 |
sources:
CNVD: CNVD-2022-31520 //
JVNDB: JVNDB-2022-007788 //
CNNVD: CNNVD-202204-2609 //
NVD: CVE-2022-25595
SOURCES
| db: | CNVD | id: | CNVD-2022-31520 |
| db: | JVNDB | id: | JVNDB-2022-007788 |
| db: | CNNVD | id: | CNNVD-202204-2609 |
| db: | NVD | id: | CVE-2022-25595 |
LAST UPDATE DATE
2024-11-23T23:03:52.916000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2022-31520 | date: | 2022-04-22T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-007788 | date: | 2023-07-20T08:14:00 |
| db: | CNNVD | id: | CNNVD-202204-2609 | date: | 2022-04-15T00:00:00 |
| db: | NVD | id: | CVE-2022-25595 | date: | 2024-11-21T06:52:24.400 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2022-31520 | date: | 2022-04-22T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-007788 | date: | 2023-07-20T00:00:00 |
| db: | CNNVD | id: | CNNVD-202204-2609 | date: | 2022-04-07T00:00:00 |
| db: | NVD | id: | CVE-2022-25595 | date: | 2022-04-07T19:15:08.757 |