CVE-2016-6558

The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to command injection

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed.

Existe una vulnerabilidad de inyección de comandos en apply.cgi en el punto de acceso de ASUS RP-AC52 en su versión del firmware 1.0.1.1s y posiblemente anteriores, en la interfaz web; específicamente en el parámetro action_script. El parámetro action_script especifica un script para que sea ejecutado si el parámetro action_mode no contiene un estado válido. Si la entrada proporcionada por action_script no coincide con una de las opciones embebidas, se ejecutará como el argumento de una llamada system() o eval(), lo que permite que se ejecuten comandos arbitrarios.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2016-08-03 CVE Reserved
2018-07-13 CVE Published
2023-12-04 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CAPEC

References (2)

URL	Tag	Source
https://www.kb.cert.org/vuls/id/763843	Third Party Advisory
https://www.securityfocus.com/bid/93596	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Asus Search vendor "Asus"	Rp-ac52 Firmware Search vendor "Asus" for product "Rp-ac52 Firmware"	<= 1.0.1.1s Search vendor "Asus" for product "Rp-ac52 Firmware" and version " <= 1.0.1.1s"	-	Affected	in	Asus Search vendor "Asus"	Rp-ac52 Search vendor "Asus" for product "Rp-ac52"	-	-	Safe
Asus Search vendor "Asus"	Ea-n66 Firmware Search vendor "Asus" for product "Ea-n66 Firmware"	-	-	Affected	in	Asus Search vendor "Asus"	Ea-n66 Search vendor "Asus" for product "Ea-n66"	-	-	Safe
Asus Search vendor "Asus"	Rp-n12 Firmware Search vendor "Asus" for product "Rp-n12 Firmware"	-	-	Affected	in	Asus Search vendor "Asus"	Rp-n12 Search vendor "Asus" for product "Rp-n12"	-	-	Safe
Asus Search vendor "Asus"	Rp-n14 Firmware Search vendor "Asus" for product "Rp-n14 Firmware"	-	-	Affected	in	Asus Search vendor "Asus"	Rp-n14 Search vendor "Asus" for product "Rp-n14"	-	-	Safe
Asus Search vendor "Asus"	Rp-n53 Firmware Search vendor "Asus" for product "Rp-n53 Firmware"	-	-	Affected	in	Asus Search vendor "Asus"	Rp-n53 Search vendor "Asus" for product "Rp-n53"	-	-	Safe
Asus Search vendor "Asus"	Rp-ac56 Firmware Search vendor "Asus" for product "Rp-ac56 Firmware"	-	-	Affected	in	Asus Search vendor "Asus"	Rp-ac56 Search vendor "Asus" for product "Rp-ac56"	-	-	Safe
Asus Search vendor "Asus"	Wmp-n12 Firmware Search vendor "Asus" for product "Wmp-n12 Firmware"	-	-	Affected	in	Asus Search vendor "Asus"	Wmp-n12 Search vendor "Asus" for product "Wmp-n12"	-	-	Safe