CVE-2025-15101

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

6th

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CWE	CWE-78
Vendor	asus
Product	router
Published	Mar 26, 2026
Last Updated	May 13, 2026

Stay Ahead of the Next One

Get instant alerts for asus router

Be the first to know when new unknown vulnerabilities affecting asus router are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ASUS / Router

3.0.0.6_102

References

NVD ↗ CVE.org ↗ EPSS Data ↗

asus.com: https://www.asus.com/security-advisory/

Credits

🔍 Per Idenfeldt Okuyama at CYLOQ