CVE-2017-16923
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the "sub_A6E8 usbeject_process_entry" function executes a system function with untrusted input.
Vulnerabilidad de inyección de comandos en app_data_center en dispositivos Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01 y Ac18 ac18_kf_V15.03.05.19(6318_)_cn permite que los atacantes remotos no autenticados ejecuten comandos de sistema operativo arbitrarios mediante una petición GET cgi-bin/luci/usbeject?dev_name= manipulada desde la red LAN. Esto ocurre porque la función "sub_A6E8 usbeject_process_entry" ejecuta una función del sistema con valores de entrada no fiables.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-21 CVE Reserved
- 2017-11-21 CVE Published
- 2024-09-17 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://github.com/Iolop/Poc/tree/master/Router/Tenda | Issue Tracking |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Tenda Search vendor "Tenda" | Ac9 Firmware Search vendor "Tenda" for product "Ac9 Firmware" | us_ac9v1.0br_v15.03.05.14_multi_td01 Search vendor "Tenda" for product "Ac9 Firmware" and version "us_ac9v1.0br_v15.03.05.14_multi_td01" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac9 Search vendor "Tenda" for product "Ac9" | - | - |
Safe
|
Tenda Search vendor "Tenda" | Ac9 Firmware Search vendor "Tenda" for product "Ac9 Firmware" | ac9_kf_v15.03.05.19\(6318_\)_cn Search vendor "Tenda" for product "Ac9 Firmware" and version "ac9_kf_v15.03.05.19\(6318_\)_cn" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac9 Search vendor "Tenda" for product "Ac9" | - | - |
Safe
|
Tenda Search vendor "Tenda" | Ac15 Firmware Search vendor "Tenda" for product "Ac15 Firmware" | us_ac15v1.0br_v15.03.05.18_multi_td01 Search vendor "Tenda" for product "Ac15 Firmware" and version "us_ac15v1.0br_v15.03.05.18_multi_td01" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac15 Search vendor "Tenda" for product "Ac15" | - | - |
Safe
|
Tenda Search vendor "Tenda" | Ac15 Firmware Search vendor "Tenda" for product "Ac15 Firmware" | us_ac15v1.0br_v15.03.05.19_multi_td01 Search vendor "Tenda" for product "Ac15 Firmware" and version "us_ac15v1.0br_v15.03.05.19_multi_td01" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac15 Search vendor "Tenda" for product "Ac15" | - | - |
Safe
|
Tenda Search vendor "Tenda" | Ac18 Firmware Search vendor "Tenda" for product "Ac18 Firmware" | us_ac18v1.0br_v15.03.05.05_multi_td01 Search vendor "Tenda" for product "Ac18 Firmware" and version "us_ac18v1.0br_v15.03.05.05_multi_td01" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac18 Search vendor "Tenda" for product "Ac18" | - | - |
Safe
|
Tenda Search vendor "Tenda" | Ac18 Firmware Search vendor "Tenda" for product "Ac18 Firmware" | ac18_kf_v15.03.05.19\(6318_\)_cn Search vendor "Tenda" for product "Ac18 Firmware" and version "ac18_kf_v15.03.05.19\(6318_\)_cn" | - |
Affected
| in | Tenda Search vendor "Tenda" | Ac18 Search vendor "Tenda" for product "Ac18" | - | - |
Safe
|