CVE-2025-2492
Description
An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-2492? +
How do I check if I'm vulnerable to CVE-2025-2492? +
Related Vulnerabilities
ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the /api/public/user/login endpoint validates only the username and …
Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing …
In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the …
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface …
Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain an exposed web management service …
This vulnerability exists in the CAP back office application due to improper implementation of OTP verification mechanism in its API …