CVE-2021-41436

Published Nov 19, 2021
Last updated 3 years ago
CVSS high 7.5
Overview

Description: An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-444
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5B16842-6E75-42F9-BED2-37966FB900FF",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "604BBFB4-FF96-46F9-B407-C3D9CBE73BE8",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1515AF83-732F-489B-A25C-5D67A03A3B25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0BBE7AA-081C-48A7-AAC1-481538AEFECA",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36430A0B-7A71-4FB2-9159-6EE9C8B7DADE",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax56u_v2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B24819D6-17F8-4ABD-8F85-DBB1C559759D",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FFFF5EF7-E4EC-4DA0-82B4-9996087B951F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD025F49-2590-4E99-9D63-9A5A28BF4B1F",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88B9EE48-348F-4358-B89B-35F111466254",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0364A944-662E-4074-AA9A-3ACAB7A79888",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "23A62A40-F182-48D2-B6BA-B39632A5E92A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0364A944-662E-4074-AA9A-3ACAB7A79888",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "23A62A40-F182-48D2-B6BA-B39632A5E92A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D136BA5-1B89-4B27-81E6-A5ED861DF21D",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB28700C-02EB-46D0-9BAD-833CE4790264"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax86s_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44ED1540-9D3B-4E1E-867C-B639D7903B02",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax86s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B2FC13C9-ADF3-4ED7-BDE2-FEAEC6248BDB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax86u_zaku_ii_edition_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57AB9331-9565-42AC-B5C4-CE8A4849E285",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax86u_zaku_ii_edition:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57414ED4-B1E2-475D-9678-A0675439A80C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "781AB112-C281-4660-B494-36DBB84AF690",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax92u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FB2DBB8-8782-418E-8CEB-0041694517F6",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8EB70155-390A-472E-A0AA-59A18ADD2BF5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:tuf_gaming_ax3000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5D4B2F3-C4BC-4B68-9D67-261B9EFAA11A",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:tuf_gaming_ax3000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AF2B2BEB-574D-4D02-B15E-1A6B737B06C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:tuf-ax5400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3B3959B-D5FC-4AC1-A8A9-544747178417",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:tuf-ax5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0819A22E-2913-4C13-A67D-6130E10544BE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:zenwifi_xd6_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53F49747-32C4-4B4C-B9C6-90D3948ADABE",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:zenwifi_xd6:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6CEAB3EB-28B7-4FB8-9ECA-3A671B51A776"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:zenwifi_ax_\\(xt8\\)_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24F0C238-58D9-4721-A8B5-CA8C6F8CE445",
            "versionEndExcluding": "3.0.0.4.386.45898"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:zenwifi_ax_\\(xt8\\):-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B7599D8-8837-41B3-B25A-002B2E2147DA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A896450-3FC2-4386-8157-4B1CB2DCA66D",
            "versionEndExcluding": "3.0.0.4.386.45911"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
