CVE-2023-41345
Summary
A vulnerability in ASUS RT-AX55 routers, identified as CVE-2023-41345, allows authenticated remote attackers to inject arbitrary commands. This is due to insufficient filtering of special characters in the token generation module, enabling them to disrupt systems or terminate services.
IFF Assessment
FOE
This vulnerability allows attackers to gain control of network devices, posing a direct threat to system integrity and availability.
Severity
8.8
High
Defender Context
This vulnerability in a widely used router model presents a significant risk to home and small business networks. Defenders should prioritize patching affected devices and monitoring for signs of command injection attempts, as compromising routers can lead to further network infiltration.