GHSA-f2xq-6hc9-3p2fMedium

Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection") in the web...

Published
July 15, 2026
Last Modified
July 15, 2026

🔗 CVE IDs covered (1)

📋 Description

Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection") in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the '  Security Update for ASUS Router Firmware ' section on the ASUS Security Advisory for more information.

🔗 References (3)