KEVIntel
Back to KEVs
9.8
CVSS
Critical

CVE-2021-32030

PUBLISHED

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authentication...

Exploited in the wild Remote Low complexity No user interaction
Vendor
ASUS
Product
GT-AC2900, Lyra Mini
Published
May 06, 2021
EPSS
94.2% · 100% pctl

Description

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations. Note: All versions of Lyra Mini and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability, Consumers can mitigate this vulnerability by disabling the remote access features from WAN.

cisa nuclei_scanner edge

CVSS scores

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 7.5

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2025-04-22 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
Yes
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Jun 02, 2026
The Shadowserver (via CIRCL) Apr 28, 2025

Scanner integrations

Scanner Reference Detected
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-32030.yaml Apr 25, 2025

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Nuclei

  • Added to KEVIntel

  • Added to KEVIntel