🔐 CVE Alert

CVE-2026-11851

UNKNOWN 0.0
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection") in the web management interface of certain ASUS router models allows a remote authenticated user to disclose confidential information via a crafted request that bypasses existing input validation Refer to the '  Security Update for ASUS Router Firmware ' section on the ASUS Security Advisory for more information.

CWE CWE-89
Vendor asus
Product router
Published Jul 15, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for asus router

Be the first to know when new unknown vulnerabilities affecting asus router are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ASUS / Router
ASUSWRT 3.0.0.4_386 series ASUSWRT 3.0.0.4_388 series ASUSWRT 3.0.0.6_102 series

References

NVD ↗ CVE.org ↗ EPSS Data ↗
asus.com: https://www.asus.com/security-advisory/