CVE-2021-37315

Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the source for COPY and MOVE operations.

Published: Feb 3, 2023
Updated: Apr 14, 2023
CVE: CVE-2021-37315
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWEs:

CWE-706

Affected Software
References

Software	From	Fixed in
asus / rt-ac68u_firmware	-	3.0.0.4.386.41634

https://robertchen.cc/blog/2021/03/31/asus-rce

Vulnerability Database

289,784

CVE-2021-37315