CVE-2022-26674 CRITICAL

CVE-2022-26674: ASUS RT-AX88U - Format String

Vendor Asus
Product RT-AX88U
Weakness CWE-134
Published April 22, 2022
Last update September 16, 2024

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service.

Key dates

02Disclosure timeline

April 22, 2022 CVE published
September 16, 2024 Record updated