Asus Security Vulnerabilities (CVEs)
Track 39 security vulnerabilities affecting Asus products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows a local attacker to execute arbitrary code by tricking AsusSoftwareManagerAgent into loading a malicious DLL from a controll...
Jan 6, 2026This CVE describes a supply chain compromise where unauthorized modifications were introduced into certain ASUS Live Update client versions. The modif...
Dec 17, 2025This authentication bypass vulnerability in certain ASUS DSL series routers allows remote attackers to gain unauthorized administrative access without...
Nov 13, 2025This stored cross-site scripting (XSS) vulnerability in ASUS Download Master allows remote attackers with administrative privileges to inject maliciou...
Jun 14, 2024This vulnerability in ASUS Download Master allows authenticated administrators to upload arbitrary files to any location on the system due to improper...
Jun 14, 2024This vulnerability allows attackers to escalate privileges and execute arbitrary code by sending crafted IOCTL requests to the AslO3_64.sys driver in ...
May 22, 2024CVE-2023-5716 is a critical vulnerability in ASUS Armoury Crate software that allows remote attackers to write arbitrary files to the system without a...
Jan 19, 2024An improper access control vulnerability in ASUS RT-AC87U routers allows attackers to read or write files via TFTP connections. This affects all versi...
Nov 15, 2023This vulnerability in ASUS RT-AX55 routers allows authenticated remote attackers to inject malicious commands through insufficient filtering of specia...
Nov 3, 2023This vulnerability in ASUS RT-AX55 routers allows authenticated remote attackers to inject malicious commands through insufficient filtering of specia...
Nov 3, 2023This vulnerability in ASUS RT-AX88U routers allows authenticated remote attackers to exploit format string weaknesses in the Advanced OpenVPN function...
Sep 18, 2023This vulnerability allows authenticated attackers on ASUS RT-AX55 routers to execute arbitrary operating system commands by injecting malicious input ...
Sep 11, 2023ASUS RT-AC66U B1 routers transmit sensitive information without encryption, allowing attackers on the same network to intercept credentials and config...
Aug 8, 2023This vulnerability allows remote unauthenticated attackers to cause a denial-of-service condition on ASUS RT-AX88U routers by sending a specially craf...
Jul 31, 2023A format string vulnerability in ASUS AiMesh system allows unauthenticated remote attackers to execute arbitrary code on affected routers. This affect...
Jul 21, 2023A format string vulnerability in ASUS RT-AX56U V2 and RT-AC86U routers allows remote attackers with administrator privileges to execute arbitrary code...
Jul 21, 2023A stack-based buffer overflow vulnerability in ASUS RT-AC86U routers allows remote attackers with administrator privileges to execute arbitrary system...
Jun 2, 2023This vulnerability in ASUS ASMB8 iKVM firmware allows remote attackers to execute arbitrary code via SNMP commands that create malicious extensions. A...
Feb 26, 2023This vulnerability in ASUS EC Tool driver allows local users to gain elevated privileges by exploiting unprivileged IOCTL calls that provide raw read/...
Feb 15, 2023This vulnerability allows remote attackers to write arbitrary files on ASUS RT-AC68U routers via improper input sanitization in Cloud Disk's COPY and ...
Feb 3, 2023This CVE describes a directory traversal vulnerability in ASUS RT-AC68U router's Cloud Disk feature that allows remote attackers to write arbitrary fi...
Feb 3, 2023This CVE describes an unquoted service path vulnerability in ASUS Aura Ready Game SDK service (GameSDK.exe) version 1.0.0.4. It allows local attackers...
Jul 21, 2022ASUS Control Center API has broken access control allowing unauthenticated remote attackers to call privileged API functions. This can lead to partial...
Jun 20, 2022This vulnerability allows remote attackers to execute arbitrary commands on ASUS RT-N53 routers by injecting malicious commands into the SystemCmd par...
Jun 17, 2022This vulnerability in Asus DSL-N14U-B1 routers allows remote attackers to cause a Denial of Service (DoS) by sending TCP SYN packets, which can crash ...
May 11, 2022ASUS WebStorage contains a hardcoded API token in its source code, allowing unauthenticated remote attackers to connect to the server and attempt logi...
Apr 22, 2022CVE-2022-26674 is a format string vulnerability in ASUS RT-AX88U routers that allows unauthenticated remote attackers to write to arbitrary memory add...
Apr 22, 2022This vulnerability allows unauthenticated attackers on the local network to perform path traversal attacks on ASUS RT-AX56U routers. By exploiting ins...
Apr 7, 2022This vulnerability allows unauthenticated attackers on the local network to execute arbitrary code on ASUS RT-AX56U routers by exploiting a stack-base...
Apr 7, 2022This vulnerability in ASUS RT-AC56U routers allows unauthenticated attackers on the local network to execute arbitrary code by exploiting a heap buffe...
Apr 7, 2022This vulnerability is a buffer overflow in the blocking_request.cgi component of Asus RT-AC68U and RT-AC5300 routers. Attackers can exploit it remotel...
Mar 23, 2022CVE-2022-22814 is a privilege escalation vulnerability in the MyASUS System Diagnosis service. It allows local attackers to execute arbitrary code wit...
Mar 10, 2022CVE-2022-22262 is a local privilege escalation vulnerability in ROG Live Service where improper symbolic link handling allows unauthenticated local at...
Mar 1, 2022CVE-2021-46247 is a hard-coded cryptographic key vulnerability in ASUS CMAX6000 routers that allows attackers to decrypt encrypted data. This affects ...
Feb 17, 2022ASUS RT-AX56U Wi-Fi routers have a stack-based buffer overflow vulnerability in their httpd service. An authenticated attacker on the local network ca...
Jan 3, 2022This vulnerability allows remote attackers to execute arbitrary code on ASUS RT-N53 routers via a buffer overflow in the DNS configuration parameters....
Dec 28, 2021This vulnerability allows remote attackers to bypass CAPTCHA-based brute-force protection on affected ASUS routers, enabling unlimited login attempts....
Nov 19, 2021This vulnerability allows unauthenticated attackers to bypass authentication on ASUS GT-AC2900 and Lyra Mini routers by sending specially crafted inpu...
May 6, 2021This vulnerability allows remote attackers with administrator access to ASUS BMC firmware to execute arbitrary commands via command injection in the W...
Apr 6, 2021Why Monitor Asus Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 39+ known vulnerabilities affecting Asus products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Asus packages in under 60 seconds. No agents required - completely agentless scanning that works across Asus deployments.
Free vulnerability database: Access detailed information about every Asus CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Asus CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
