ASUS RT-AX56U - Stack overflow
Description
ASUS RT-AX56U’s user profile configuration function is vulnerable to a stack-based buffer overflow due to insufficient validation of parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack-based buffer overflow in ASUS RT-AX56U user profile configuration allows unauthenticated LAN attacker to execute arbitrary code.
Vulnerability
ASUS RT-AX56U firmware version 3.0.0.4.386.45898 contains a stack-based buffer overflow vulnerability in the user profile configuration function. The function does not properly validate the length of parameters, leading to a buffer overflow when processing crafted input [1].
Exploitation
An unauthenticated attacker on the same local area network can send a specially crafted request to the vulnerable function. The request triggers a stack-based buffer overflow, allowing the attacker to overwrite memory and redirect execution flow [1].
Impact
Successful exploitation enables arbitrary code execution with the privileges of the affected service. The attacker can perform any operation on the device, including reading sensitive data, modifying configuration, or causing a denial of service [1].
Mitigation
ASUS released firmware version 3.0.0.4.386.45934 to fix this vulnerability. Users should update to this version or later. No workarounds are available [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE)
- (no CPE), range: 3.0.0.4.386.45898
Patches
No patches discovered yet.
References
- [1] www.twcert.org.tw/tw/cp-132-5787-b0e64-1.html (mitre, x_refsource_MISC)