CVE-2021-41436

Summary

CVE	CVE-2021-41436
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-11-19 12:15:00 UTC
Updated	2021-11-23 18:29:00 UTC
Description	An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.

Risk And Classification

Problem Types: CWE-444

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Asus	Gt-ax11000	-	All	All	All
Operating System	Asus	Gt-ax11000 Firmware	All	All	All	All
Hardware	Asus	Rt-ax3000	-	All	All	All
Operating System	Asus	Rt-ax3000 Firmware	All	All	All	All
Hardware	Asus	Rt-ax55	-	All	All	All
Operating System	Asus	Rt-ax55 Firmware	All	All	All	All
Hardware	Asus	Rt-ax56u	-	All	All	All
Operating System	Asus	Rt-ax56u Firmware	All	All	All	All
Hardware	Asus	Rt-ax56u V2	-	All	All	All
Operating System	Asus	Rt-ax56u V2 Firmware	All	All	All	All
Hardware	Asus	Rt-ax58u	-	All	All	All
Operating System	Asus	Rt-ax58u Firmware	All	All	All	All
Hardware	Asus	Rt-ax68u	-	All	All	All
Operating System	Asus	Rt-ax68u Firmware	All	All	All	All
Hardware	Asus	Rt-ax82u	-	All	All	All
Operating System	Asus	Rt-ax82u Firmware	All	All	All	All
Hardware	Asus	Rt-ax82u Gundam Edition	-	All	All	All
Operating System	Asus	Rt-ax82u Gundam Edition Firmware	All	All	All	All
Hardware	Asus	Rt-ax86s	-	All	All	All
Operating System	Asus	Rt-ax86s Firmware	All	All	All	All
Hardware	Asus	Rt-ax86u	-	All	All	All
Operating System	Asus	Rt-ax86u Firmware	All	All	All	All
Hardware	Asus	Rt-ax86u Zaku Ii Edition	-	All	All	All
Operating System	Asus	Rt-ax86u Zaku Ii Edition Firmware	All	All	All	All
Hardware	Asus	Rt-ax88u	-	All	All	All
Operating System	Asus	Rt-ax88u Firmware	All	All	All	All
Hardware	Asus	Rt-ax92u	-	All	All	All
Operating System	Asus	Rt-ax92u Firmware	All	All	All	All
Hardware	Asus	Tuf-ax5400	-	All	All	All
Operating System	Asus	Tuf-ax5400 Firmware	All	All	All	All
Hardware	Asus	Tuf Gaming Ax3000	-	All	All	All
Operating System	Asus	Tuf Gaming Ax3000 Firmware	All	All	All	All
Hardware	Asus	Zenwifi Ax Xt8	-	All	All	All
Operating System	Asus	Zenwifi Ax Xt8 Firmware	All	All	All	All
Hardware	Asus	Zenwifi Xd6	-	All	All	All
Operating System	Asus	Zenwifi Xd6 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
ASUS ZenWiFi XD6 Series(XD6/XD6S)	MISC	www.asus.com
ASUS Global	MISC	asus.com
RT-AX55｜WiFi Routers｜ASUS Global	MISC	www.asus.com
RT-AX56U｜WiFi Routers｜ASUS Global	MISC	www.asus.com
RT-AX68U｜WiFi Routers｜ASUS Global	MISC	www.asus.com
RT-AX3000｜WiFi Routers｜ASUS Global	MISC	www.asus.com
ASUS ZenWiFi AX (XT8)｜Whole Home Mesh WiFi System｜ASUS Global	MISC	www.asus.com
ROG Rapture GT-AX11000 \| Gaming Networking｜ROG - Republic of Gamers｜ROG Global	MISC	rog.asus.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.