CVE-2024-12912

Published Jan 2, 2025

Last updated 2 months ago

CVSS high 7.2

Overview

Description
An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
Source
54bf65a7-a193-42d2-b1ba-8e150d3c35e1
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

54bf65a7-a193-42d2-b1ba-8e150d3c35e1
CWE-20

Social media

Hype score
Not currently trending

  1. We’ve reported this to ASUS PSIRT and are investigating the infection chain, including a possible link to CVE-2024-12912. 🔍 Further updates to follow.

    @nicter_jp

    20 Feb 2025

    1259 Impressions

    4 Retweets

    11 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  2. ASUS ルーターの脆弱性 CVE-2024-12912/13062 が FIX:任意のコマンド実行にいたる可能性 https://t.co/79G0K2HgeX ASUS のルーターに脆弱性が発生です。直近の関連ポストは、2024/06/15 の「ASUS ルーター製品7機種に深刻な脆弱性:認証バイパスなどの恐れ」となっています。 #AiCloud #Asus… https://t.co/DgMSM7b8se

    @iototsecnews

    13 Jan 2025

    155 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-12912 & CVE-2024-13062: ASUS Routers Exposed to Command Execution https://t.co/6DgNt8ApGh

    @the_yellow_fall

    7 Jan 2025

    407 Impressions

    3 Retweets

    10 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨Alert🚨 CVE-2024-12912&CVE-2024-13062 : Injection and execution vulnerabilities in certain ASUS router firmware series. 📊 1.2m+ Services are found on https://t.co/ysWb28BTvF yearly. 🔗Hunter Link: https://t.co/jX5AV6gjqM 👇Query HUNTER :/product.name="ASUS AiCloud" FOFA :…

    @HunterMapping

    7 Jan 2025

    1814 Impressions

    12 Retweets

    24 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-12912 (CVSS:7.2, HIGH) is Awaiting Analysis. An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. R..https://t.co/RrwOAtyOLF #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    7 Jan 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. ASUS routers face critical command injection flaws (CVE-2024-12912, CVE-2024-13062) with a CVSS score of 7.2. Immediate firmware updates are essential for user safety. 🛡️ #ASUS #RouterSecurity #USA #CybersecurityNews link: https://t.co/6RXDPPxCcd https://t.co/b4gBVEQt1F

    @TweetThreatNews

    6 Jan 2025

    40 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2024-12912 (CVSS:7.2, HIGH) is Awaiting Analysis. An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. R..https://t.co/RrwOAtyOLF #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    6 Jan 2025

    29 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. برای چندین روتر ASUS آسیب پذیری با کدهای شناسایی CVE-2024-12912 و CVE-2024-13062 منتشر شده است‌. نمره این آسیب پذیری 7.2 بوده و ASUS از تمامی کاربران خواسته که هر چه سریعتر به نسخه های 3.0.0.4_386 و 3.0.0.4_388 و 3.0.0.6_102 به روز رسانی نمایند. https://t.co/Poz3aKYxT1 https://t

    @AmirHossein_sec

    5 Jan 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. به تازگی برای چندین روترASUS آسیب پذیری باکدهای شناسایی CVE-2024-12912وCVE-2024-13062 منتشرشدکه به هکرهاامکان اجرای کامندرامی دهد. نمره این آسیب پذیزی 7.2بوده و ASUS از تمامی کاربران خواسته که هر چه سریعتر به نسخه های 3.0.0.4_386 و 3.0.0.4_388 و 3.0.0.6_102 به روز رسانی نمایند.

    @cybernetic_cy

    5 Jan 2025

    89 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. #Vulnerability #AiCloud CVE-2024-12912 & CVE-2024-13062: ASUS Routers at Risk https://t.co/OtQLX6vrwt

    @Komodosec

    3 Jan 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. CVE-2024-12912 & CVE-2024-13062: ASUS Router'larda Kritik Güvenlik Açıkları https://t.co/Zfia7uXGqS

    @cyberwebeyeos

    3 Jan 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CVE-2024-12912 & CVE-2024-13062: ASUS Routers at Risk https://t.co/YAHqHEBbF7

    @Dinosn

    3 Jan 2025

    2487 Impressions

    4 Retweets

    5 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨🚨CVE-2024-12912 & CVE-2024-13062: ASUS Routers at Risk ⚠️Injection and execution vulnerabilities in certain ASUS router firmware series that allow authenticated attackers to trigger command execution have been identified in ASUS router AiCloud. Search for ASUS AiCloud.… h

    @zoomeye_team

    3 Jan 2025

    447 Impressions

    0 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  14. CVE-2024-12912 Arbitrary Command Execution in ASUS Router AiCloud Vulnerability AiCloud on some router models has an improper input insertion issue. This can cause arbitrary command execution. For more info, chec... https://t.co/n8NIM5IRCe

    @VulmonFeeds

    2 Jan 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CVE-2024-12912 An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vu… https://t.co/L6TC4Y6BTP

    @CVEnew

    2 Jan 2025

    387 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References