QwikSec

Security Database

CVE

CWE

Training

CVE-2025-15101

Published: Mar 26, 2026

Modified: May 13, 2026

PUBLISHED

Description

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

Vendor	Product	Versions
ASUS	Router	affected `3.0.0.6_102`

Weaknesses (CWE)

References

https://www.asus.com/security-advisory/

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.