CVE-2025-15101

High CVSS: 8.5

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to execute system commands through unintended mechanisms.
Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

Vendor

Asus

Product

Asus Firmware

CWE

CWE-78

Yayın Tarihi

2026-03-26 03:16:02

Güncelleme

2026-03-26 16:43:20

Source Identifier

54bf65a7-a193-42d2-b1ba-8e150d3c35e1

KEV Date Added

Kategoriler

CWE-78 Asus Firmware HIGH Asus 2026

Referanslar

https://www.asus.com/security-advisory/

Benzer Kayıtlar

High

CVE-2025-12793

An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local attacker may influence the ap…

Critical

CVE-2025-59374

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with unauthorized modificat…

Critical

CVE-2025-59367

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to…