ASUS RT-AX55 - command injection - 1
Description
An authenticated remote attacker can execute arbitrary commands on ASUS RT-AX55 routers via a command injection vulnerability in the token-generation module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CVE-2023-41345 is a command injection vulnerability in the ASUS RT-AX55 router. The flaw exists in the authentication-related token-generation module, which fails to properly filter special characters before processing input. The affected firmware version is 3.0.0.4.386.51598 [1]. An authenticated remote attacker can exploit this weakness to inject arbitrary operating system commands.
Exploitation
To exploit the vulnerability, an attacker must first obtain valid credentials for the router's administrative interface; this is the "authenticated" precondition in the description. The attacker then sends a request to the token-generation endpoint with parameters crafted to contain command injection payloads. Because of insufficient sanitization, the module passes the attacker-supplied input into a system command without proper escaping [1].
Impact
Successful exploitation allows the attacker to execute arbitrary commands on the underlying operating system with root privileges. This leads to full compromise of confidentiality, integrity, and availability (CIA): the attacker can read or modify any data, install persistent malware, disrupt router operations, or terminate services [1]. The CVSS v3.1 base score is 8.8 (High) with vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [1].
Mitigation
ASUS released firmware version 3.0.0.4.386_51948 to fix this vulnerability [1]. Users should update their RT-AX55 router firmware to this version or later. No workaround has been published for users who cannot immediately apply the update. The CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References (1)
News mentions (0)
No linked articles in our index yet.