CVE-2024-13062

An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.asus.com/content/asus-product-security-advisory/

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad de punto de entrada no intencionado en ciertos modelos de routers, que puede permitir la ejecución de comandos arbitrarios. Consulte la sección "Vulnerabilidad de ASUS Router AiCloud del 01/02/2025" en el Aviso de seguridad de ASUS para obtener más información.

02 Jan 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-02 10:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-13062

Mitre link : CVE-2024-13062

CVE.ORG link : CVE-2024-13062

JSON object : View

Products Affected

No product.

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-912

Hidden Functionality

7.2 /10