Page 2 of 15 results (0.018 seconds)

CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id. Un desbordamiento de búfer en la región stack de la memoria en el firmware Asuswrt-Merlin para dispositivos ASUS versiones anteriores a 384.4 y el firmware ASUS versiones anteriores a 3.0.0.4.382.50470 para dispositivos, permite a atacantes remotos ejecutar código arbitrario al proporcionar una cadena larga en la página block.asp por medio de una petición GET o POST. Los parámetros vulnerables son flag, mac y cat_id. • https://pagedout.institute/download/PagedOut_001_beta1.pdf https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0

Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service. Una vulnerabilidad de Salto de Enlace Simbólico en ASUS RT-AC66U y RT-N56U debido a una configuración inapropiada en el servicio SMB. • https://www.ise.io/casestudies/exploiting-soho-routers https://www.ise.io/soho_service_hacks https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 8%CPEs: 26EXPL: 0

ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors. Los routers ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13 y RT-N12 D1 con firmware anterior a 3.0.0.4.380.8228; los routers RT-AC52U B1, RT-AC1200 y RT-N600 con firmware anterior a 3.0.0.4.380.10446; los routers RT-AC55U y RT-AC55UHP con firmware anterior a 3.0.0.4.382.50276; los routers RT-AC86U y RT-AC2900 con firmware anterior a 3.0.0.4.384.20648; y posiblemente otros routers de la serie RT, permiten que atacantes remotos ejecuten código arbitrario mediante vectores sin especificar. • https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable. Main_Analysis_Content.asp en /apply.cgi en dispositivos ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900 y en dispositivos RT-AC3100 en versiones anteriores a la 3.0.0.4.384_10007; dispositivos RT-N18U en versiones anteriores a la 3.0.0.4.382.39935; dispositivos RT-AC87U y RT-AC3200 en versiones anteriores a la 3.0.0.4.382.50010; y dispositivos RT-AC5300 en versiones anteriores a la 3.0.0.4.384.20287 permite la inyección de comandos del sistema operativo mediante los campos pingCNT y destIP de la variable SystemCmd. • http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html https://fortiguard.com/zeroday/FG-VD-17-216 https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 10.0EPSS: 96%CPEs: 5EXPL: 5

common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change. common.c en infosvr en ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, y otras versiones, utilizado en RT-AC66U, RT-N66U, y otros routers, no comprueba correctamente la dirección MAC para una solicitud, lo que permite a atacantes remotos evadir la autenticación y ejecutar comandos arbitrarios a través de un paquete NET_CMD_ID_MANU_CMD en el puerto UDP 9999. NOTA: este problema fue mapeado incorrectamente a CVE-2014-10000, pero este identificador es inválido debido a su uso como ejemplo de cambio de la sintaxis de identificadores de CVEs del 2014. • https://www.exploit-db.com/exploits/35688 https://www.exploit-db.com/exploits/44524 http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html http://www.exploit-db.com/exploits/35688 https://github.com/jduck/asus-cmd https://support.t-mobile.com/docs/DOC-21994 • CWE-264: Permissions, Privileges, and Access Controls •