CVE-2021-43702 Information

Description

ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly if an attacker was able to change the SSID of the router with a custom payload they could achieve stored XSS on the device.

Reference

https://www.kroll.com/en/insights/publications/cyber/cve-2021-43702-from-discovery-to-patch https://www.asus.com/uk/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC88U/