Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Asus — Vulnerabilities & Security Advisories 138

Browse all 138 CVE security advisories affecting Asus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ASUS operates primarily as a manufacturer of consumer electronics, networking hardware, and computer components, serving both individual users and enterprise clients. Its product portfolio, which includes routers, motherboards, and embedded systems, frequently exposes devices to remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These flaws often stem from insecure default configurations, unpatched firmware, and weak authentication mechanisms within web management interfaces. Historically, the company has faced scrutiny over delayed security updates and the persistence of critical defects in widely deployed network equipment. Notable incidents involve compromised routers that allowed attackers to gain administrative access or intercept traffic, highlighting systemic issues in long-term support and secure development practices. With numerous recorded CVEs, ASUS continues to address these legacy weaknesses while navigating the complex security demands of its diverse hardware ecosystem.

Top products by Asus: BMC firmware for Z10PR-D16 BMC firmware for ASMB9-iKVM Router Armoury Crate RT-AC86U RT-AX55 RT-AX56U RT-AX88U Download Master RT-AX82U ASCI DriverHub MyASUS RT-AX56U V2 Control Center ASUS Business System Control Interface ZenWiFi XT8 RP-AC52 Access Point HG100 firmware ASUS Business Manager ASUS System Control Interface B460 series live update DSL-AC51 Driver( Keyboard & Mouse ) AI Suite Member Center(华硕大厅) AsusPTPFilter RT-N12E DSL-N17U
CVE IDTitleCVSSSeverityPublished
CVE-2021-28187 ASUS BMC's firmware: buffer overflow - Generate new SSL certificate — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28185 ASUS BMC's firmware: buffer overflow - ActiveX configuration-1 acquisition — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28186 ASUS BMC's firmware: buffer overflow - ActiveX configuration-2 acquisition — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28184 ASUS BMC's firmware: buffer overflow - Active Directory configuration function — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28183 ASUS BMC's firmware: buffer overflow - Web License configuration setting — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28182 ASUS BMC's firmware: buffer overflow - Web Service configuration function — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28180 ASUS BMC's firmware: buffer overflow - Audit log configuration setting — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28181 ASUS BMC's firmware: buffer overflow - Remote video configuration setting — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28179 ASUS BMC's firmware: buffer overflow - Media support configuration setting — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28177 ASUS BMC's firmware: buffer overflow - LDAP configuration function — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28178 ASUS BMC's firmware: buffer overflow - UEFI configuration function — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28176 ASUS BMC's firmware: buffer overflow - DNS configuration function — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2021-28175 ASUS BMC's firmware: buffer overflow - Radius configuration function — BMC firmware for Z10PR-D16CWE-120 4.9 Medium2021-04-06
CVE-2019-11060 HG100 contains an Uncontrolled Resource Consumption vulnerability — HG100 firmwareCWE-400 7.5 -2019-08-29
CVE-2019-11063 SmartHome application has a broken access control vulnerability in its Web API Server — SmartHome Android app 8.8 -2019-08-29
CVE-2019-11061 HG100 has a broken access control vulnerability in its Web API Server — HG100 firmware 8.1 -2019-08-29
CVE-2016-6557 The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to cross-site request forgery — RP-AC52 Access PointCWE-352 8.0 -2018-07-13
CVE-2016-6558 The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to command injection — RP-AC52 Access PointCWE-77 9.8 -2018-07-13

This page lists every published CVE security advisory associated with Asus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.