{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T23:41:08.636","vulnerabilities":[{"cve":{"id":"CVE-2021-40556","sourceIdentifier":"cve@mitre.org","published":"2022-10-06T18:15:50.453","lastModified":"2024-11-21T06:24:22.497","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by \"caupload\" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de pila en el servicio httpd del router ASUS RT-AX56U versión 3.0.0.4.386.44266. Esta vulnerabilidad es causada por la función strcat llamada por la función de manejo de entrada \"caupload\" que permite al usuario introducir bytes 0xFFFF en la pila. Esta vulnerabilidad permite a un atacante ejecutar comandos de forma remota. La vulnerabilidad requiere autenticación"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.44266:*:*:*:*:*:*:*","matchCriteriaId":"F31163B5-A930-40F9-ACDA-8E93755B1C43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*","matchCriteriaId":"4D747097-702E-4046-9723-01A586336534"}]}]}],"references":[{"url":"https://www.asus.com/tw/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://x1ng.top/2021/10/14/ASUS%E6%A0%88%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.asus.com/tw/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://x1ng.top/2021/10/14/ASUS%E6%A0%88%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}