CVE-2023-41349 (rt-ax88u_firmware)

ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.

advanced asus attack attacker configuration cve denial of service device exploit format string function information information leakage openvpn reset router service strings vpn vulnerability