CVE-2025-15101: OS Command Injection

Q: What is the severity of CVE-2025-15101?

CVE-2025-15101 is classified as a high severity Cross-Site Request Forgery (CSRF) vulnerability.

Q: How does CVE-2025-15101 affect ASUS routers?

CVE-2025-15101 allows an attacker to perform actions on an ASUS router with the privileges of an authenticated user.

Q: How can I mitigate CVE-2025-15101?

To mitigate CVE-2025-15101, it is recommended to update your ASUS router firmware to the latest version provided by the manufacturer.

Q: What ASUS router models are affected by CVE-2025-15101?

CVE-2025-15101 affects certain models of ASUS routers using the vulnerable Web management interface.

Q: What are the symptoms of an exploit using CVE-2025-15101?

Symptoms of an exploit using CVE-2025-15101 may include unauthorized changes to router settings or unusual network activity.

Published Mar 26, 2026

Updated

An OS command injection vulnerability in the web management interface of certain ASUS router models allows remote authenticated administrators to execute arbitrary system commands via a crafted parameter. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

Affected Software

2 affected components

ASUS ASUS Router Firmware

ASUS ASUS firmware<=3.0.0.6_102

Event History

Mar 26, 2026

CVE Published

via MITRE·02:01 AM

Data Sourced

via MITRE·02:01 AM

DescriptionWeakness

Data Sourced

via NVD·03:16 AM

DescriptionSeverityWeaknessAffected Software

Sep 24, 58343

Event

via NVD·05:27 PM

Frequently Asked Questions

What is the severity of CVE-2025-15101?

CVE-2025-15101 is classified as a high severity Cross-Site Request Forgery (CSRF) vulnerability.

How does CVE-2025-15101 affect ASUS routers?

CVE-2025-15101 allows an attacker to perform actions on an ASUS router with the privileges of an authenticated user.

How can I mitigate CVE-2025-15101?

To mitigate CVE-2025-15101, it is recommended to update your ASUS router firmware to the latest version provided by the manufacturer.

What ASUS router models are affected by CVE-2025-15101?

CVE-2025-15101 affects certain models of ASUS routers using the vulnerable Web management interface.

What are the symptoms of an exploit using CVE-2025-15101?

Symptoms of an exploit using CVE-2025-15101 may include unauthorized changes to router settings or unusual network activity.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.