TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center-ASUS RT-AX56U Router

ASUS RT-AX56U Router – Stack-based buffer overflow

TVN ID	TVN-202112001
CVE ID	CVE-2021-44158
CVSS	8.0 (High) CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products	ASUS RT-AX56U firmware version 3.0.0.4.386.44266
Description	ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service.
Solution	ASUS RT-AX56U firmware update version to 3.0.0.4.386.45898
Credit	Jixing Wang
Public Date	2022-01-03

ASUS RT-AX56U Router – Stack-based buffer overflow