CVE-2023-34360

Summary

CVE-2023-34360 is a stored cross-site scripting (XSS) vulnerability affecting ASUS RT-AX88U routers running firmware versions 3.0.0.4.388.23110 and earlier. This vulnerability allows a remote attacker with regular user privileges to perform a stored XSS attack by uploading an image containing JavaScript code. The vulnerability has a base severity of HIGH and a base score of 8.2 according to [email protected], while the National Vulnerability Database (NVD) rates it as MEDIUM with a base score of 5.4. The affected products include various models of ASUS routers and related devices. To remediate the vulnerability, users should update their device firmware to a version beyond 3.0.0.4.388.23110, which addresses the issue and eliminates the potential danger of unauthorized script execution on the affected routers. Note: The provided analysis_description field is empty; hence, no additional information was available for inclusion in the report paragraph.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.