CVE-2024-0401 Information

Description

ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi ASUS RT-AX55 ASUS RT-AX58U ASUS RT-AC67U ASUS RT-AC68R ASUS RT-AC68U ASUS RT-AX86 ASUS RT-AC86U ASUS RT-AX88U and ASUS RT-AX3000.

Reference

https://vulncheck.com/advisories/asus-ovpn-rce