CVE-2024-31162

Published Jun 14, 2024

Last updated 5 months ago

CVSS high 7.2

Overview

Description
The specific function parameter of ASUS Download Master does not properly filter user input. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device.
Source
twcert@cert.org.tw
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

twcert@cert.org.tw
CWE-78

Social media

Hype score
Not currently trending

References