CVE-2024-0401

ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS RT-AC67U, ASUS RT-AC68R, ASUS RT-AC68U, ASUS RT-AX86, ASUS RT-AC86U, ASUS RT-AX88U, and ASUS RT-AX3000.

Publication date: Mon, 20 May 2024 17:15:00 +0000

Cyber News related to CVE-2024-0401

CVE-2007-5763 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0401. Reason: This candidate is a reservation duplicate of CVE-2008-0401. Notes: All CVE users should reference CVE-2008-0401 instead of this candidate. All references and ...
55 years ago Tenable.com

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
4 months ago Feeds.dzone.com

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
11 months ago Cisa.gov

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
11 months ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
8 months ago Tenable.com

CVE-2024-0401 - ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ...
9 months ago

CVE-2010-1239 - Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch ...
14 years ago

CVE-2016-0429 - Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401. ...
7 years ago

CVE-2016-0401 - Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429. ...
7 years ago

CVE-2005-0401 - FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a ...
6 years ago

CVE-2022-0401 - Path Traversal in NPM w-zip prior to 1.0.12. ...
3 years ago

CVE-2010-0401 - OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending ...
14 years ago

CVE-2000-0401 - Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. ...
8 years ago

CVE-2002-0401 - SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. ...
1 year ago

CVE-2003-0401 - Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. ...
8 years ago

CVE-2015-0401 - Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusion Middleware 7.0 and 11.1.1.7 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console. ...
8 years ago

CVE-2004-0401 - Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. ...
7 years ago

CVE-2006-0401 - Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. ...
7 years ago

CVE-2008-0401 - Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute ...
7 years ago

CVE-2009-0401 - SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. ...
7 years ago

CVE-2012-0401 - Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. ...
7 years ago

CVE-2013-0401 - The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as ...
7 years ago

CVE-2007-0401 - SQL injection vulnerability in admin/memberlist.php in Easebay Resources Login Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the init_row parameter. ...
6 years ago

CVE-2001-0401 - Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. ...
6 years ago

CVE-2017-0401 - An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as ...
5 years ago

Latest Cyber News

Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife | The Record from Recorded Future News - 20 minutes ago
Black Basta is latest ransomware group to be hit by leak of chat logs | The Record from Recorded Future News - 2 hours ago
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - 7 hours ago
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors - 8 hours ago
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix - Cyber Security News - 8 hours ago
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia - 9 hours ago
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - 11 hours ago
New Active Directory Pentesting Tool For KeyCredentialLink Management - 12 hours ago
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub - 13 hours ago
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - 14 hours ago
CVE-2025-27097 - 18 hours ago
CVE-2025-27098 - 18 hours ago
Apiiro unveils free scanner to detect malicious code merges - 18 hours ago
Black Basta ransomware gang's internal chat logs leak online - 18 hours ago
CVE-2025-0352 - 19 hours ago
CVE-2025-1265 - 19 hours ago
CVE-2025-24893 - 19 hours ago
CVE-2025-25299 - 19 hours ago
Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released - 19 hours ago
New NailaoLocker Ransomware Attacking European Healthcare - 19 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife | The Record from Recorded Future News - 20 minutes ago
Black Basta is latest ransomware group to be hit by leak of chat logs | The Record from Recorded Future News - 2 hours ago
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - 7 hours ago
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors - 8 hours ago
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix - Cyber Security News - 8 hours ago
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia - 9 hours ago
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - 11 hours ago
New Active Directory Pentesting Tool For KeyCredentialLink Management - 12 hours ago
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub - 13 hours ago
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - 14 hours ago
CVE-2025-1272 - 2 days ago
CVE-2025-27090 - 1 day ago
CVE-2023-51305 - 1 day ago
CVE-2024-10339 - 1 day ago
CVE-2024-37359 - 1 day ago
CVE-2024-37360 - 1 day ago
CVE-2024-5705 - 1 day ago
CVE-2024-5706 - 1 day ago
CVE-2025-21355 - 1 day ago
CVE-2025-24989 - 1 day ago