Details of VAR-202511-2372

ID

VAR-202511-2372

CVE

CVE-2025-59368

TITLE

ASUS Router Integer Underflow Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-29935

DESCRIPTION

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information. ASUS Router is a router product and accompanying management application launched by ASUS, primarily used for wireless connectivity and management in home and enterprise networks. ASUS Router contains an integer underflow vulnerability, which attackers could exploit to compromise device availability

Trust: 1.44

sources: NVD: CVE-2025-59368 // CNVD: CNVD-2025-29935

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-29935

AFFECTED PRODUCTS

vendor:	asus	model:	router 3.0.0.4 386	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	router 3.0.0.4 388	scope:	-	version:	-	Trust: 0.6
vendor:	asus	model:	router 3.0.0.6 102	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2025-29935

CVSS

SEVERITY

CVSSV2

CVSSV3

54bf65a7-a193-42d2-b1ba-8e150d3c35e1:	CVE-2025-59368
value:	MEDIUM
Trust: 1.0
CNVD:	CNVD-2025-29935
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-29935
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2025-29935 // NVD: CVE-2025-59368

PROBLEMTYPE DATA

problemtype:

CWE-191

Trust: 1.0

sources: NVD: CVE-2025-59368

PATCH

title:

Patch for ASUS Router Integer Underflow Vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/777146

Trust: 0.6

sources: CNVD: CNVD-2025-29935

EXTERNAL IDS

db:	NVD	id:	CVE-2025-59368	Trust: 1.6
db:	CNVD	id:	CNVD-2025-29935	Trust: 0.6

sources: CNVD: CNVD-2025-29935 // NVD: CVE-2025-59368

REFERENCES

url:	https://www.asus.com/security-advisory/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-59368	Trust: 0.6

sources: CNVD: CNVD-2025-29935 // NVD: CVE-2025-59368

SOURCES

db:	CNVD	id:	CNVD-2025-29935
db:	NVD	id:	CVE-2025-59368

LAST UPDATE DATE

2025-12-19T22:47:29.857000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-29935	date:	2025-12-04T00:00:00
db:	NVD	id:	CVE-2025-59368	date:	2025-11-25T22:16:16.690

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-29935	date:	2025-12-03T00:00:00
db:	NVD	id:	CVE-2025-59368	date:	2025-11-25T08:15:52.453