{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T08:20:24.133","vulnerabilities":[{"cve":{"id":"CVE-2025-15101","sourceIdentifier":"54bf65a7-a193-42d2-b1ba-8e150d3c35e1","published":"2026-03-26T03:16:02.400","lastModified":"2026-03-26T16:43:20.300","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to execute system commands through unintended mechanisms.\nRefer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information."},{"lang":"es","value":"Una vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) ha sido identificada en la interfaz de gestión web de ciertos modelos de router ASUS. Esta vulnerabilidad permite potencialmente que se realicen acciones con los privilegios existentes de un usuario autenticado en el dispositivo afectado, incluyendo la capacidad de ejecutar comandos del sistema a través de mecanismos no intencionados.\nConsulte la sección 'Security Update for ASUS Router Firmware' en el Aviso de Seguridad de ASUS para más información."}],"metrics":{"cvssMetricV40":[{"source":"54bf65a7-a193-42d2-b1ba-8e150d3c35e1","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"54bf65a7-a193-42d2-b1ba-8e150d3c35e1","type":"Secondary","description":[{"lang":"en","value":"CWE-78"},{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:asus_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.0.0.6_102","matchCriteriaId":"16C7B1D4-C9E4-420A-974E-816CEE4C159E"}]}]}],"references":[{"url":"https://www.asus.com/security-advisory/","source":"54bf65a7-a193-42d2-b1ba-8e150d3c35e1","tags":["Vendor Advisory"]}]}}]}