Primary

Context

ASUS Routers Cross-Site Request Forgery Vulnerability

Vulnerability

Patched

A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of certain ASUS router models. This vulnerability allows actions to be performed with the privileges of an authenticated user on the affected device, including executing system commands through unintended channels. The vulnerability affects ASUS routers running firmware versions 3.0.0.6_102 and earlier.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed on behalf of an authenticated user, potentially allowing for the execution of system commands on the affected router.

Remediation

Users can update their routers to the latest firmware version to address this vulnerability. Instructions for updating the firmware can be found on the ASUS Support website.

Added: Mar 26, 2026, 3:20 AM

Updated: Mar 26, 2026, 3:20 AM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

10.0

exploitability

6.0

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

10.0

exploitability

6.0

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ASUS Routers Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ASUS Routers

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating