What is CVE-2023-39780?

A high-severity OS command injection vulnerability has been identified in ASUS RT-AX55 devices. Authenticated attackers can exploit this flaw to execute arbitrary commands. Immediate patching is required to mitigate potential risks.

What is the severity of CVE-2023-39780?

CVE-2023-39780 has a severity rating of HIGH with a CVSS base score of 8.8.

Is CVE-2023-39780 in CISA KEV?

Yes. CVE-2023-39780 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2023-39780 | High Vulnerability in ASUS RT-AX55 Routers

On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. This vulnerability allows unauthorized execution of system commands, potentially leading to significant security breaches.

The vulnerability has been classified with a CVSS score of 8.8, indicating a high severity level. Organizations using affected devices should prioritize patching immediately to mitigate risks associated with exploitation.

Risk to organizations includes unauthorized command execution, which can compromise the integrity and confidentiality of the affected systems. The vulnerability has been added to the Known Exploited Vulnerabilities catalog, underscoring the urgency of remediation.

Organizations should address this vulnerability in their priority patch cycle, as exploitation could lead to extensive damage and unauthorized access to network resources.

Vulnerability Details

The vulnerability description states that on ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. The CVSS score is 8.8, reflecting high severity due to the potential impact on confidentiality, integrity, and availability.

The affected product is the ASUS RT-AX55 firmware version 3.0.0.4.386.51598, which has been classified under CWE-78. Organizations must ensure that they have the latest firmware updates to mitigate this vulnerability.

Technical Analysis

The root cause of this vulnerability is the improper validation of input parameters, allowing attackers to inject malicious commands. The attack vector is network-based, requiring low attack complexity. Since the attacker needs only low privileges, the risk of exploitation is significant.

User interaction is not required, making the vulnerability particularly dangerous. The impacts on confidentiality, integrity, and availability are all assessed as high, indicating that successful exploitation could lead to severe consequences for affected organizations.

Risk & Impact Analysis

The real-world risk associated with this vulnerability is substantial, particularly in environments where ASUS RT-AX55 devices are deployed. Unauthorized command execution can lead to a complete compromise of the device, allowing attackers to manipulate network traffic or deploy additional exploits.

Given the high CVSS score and inclusion in the KEV catalog, organizations must treat this vulnerability with urgency, ensuring that they follow best practices for vulnerability management and remediation.

Organizations should prioritize patching immediately to mitigate potential risks and ensure the integrity of their network infrastructure.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	Yes
Ransomware Use	No

Affected Versions

The affected version is ASUS RT-AX55 firmware 3.0.0.4.386.51598. Organizations should ensure that they are running the latest firmware to mitigate this vulnerability.

Mitigation & Remediation

Organizations must apply mitigations per vendor instructions. If patches are unavailable, following applicable BOD 22-01 guidance for cloud services is advisable, or consider discontinuing use of the product.

For ongoing security, organizations should also engage in penetration testing to identify vulnerabilities in their network infrastructure.

Detection Guidance

Organizations should monitor logs for indicators of command injection attempts, including unusual system commands executed from the device. Behavioral anomalies should also be investigated to detect potential exploitation.

AppSecure Threat Intelligence Insight

This vulnerability highlights the importance of maintaining updated firmware. Security teams should adopt a proactive approach to monitor for similar vulnerabilities in the future.

For further insights, organizations can refer to the following resources: vulnerability management programs and penetration testing methodology to enhance their security posture.

Lastly, organizations should continually assess their security strategies to adapt to evolving threats in the cybersecurity landscape.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-39780: High Vulnerability in ASUS RT-AX55 Routers