// For flags

CVE-2018-17022

 

Severity Score

7.2
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.

Desbordamiento de búfer basado en pila en el router ASUS GT-AC5300 hasta la versión 3.0.0.4.384_32738 permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del dispositivo) o, posiblemente, otro tipo de impacto sin especificar mediante el establecimiento de un valor sh_path0 largo y, después, enviando una petición appGet.cgi?hook=select_list("Storage_x_SharedPath"). Esto se debe a que ej_select_list en router httpd web.c emplea strcpy.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-09-13 CVE Reserved
  • 2018-09-13 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-17 First Exploit
  • 2024-11-08 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Asus
Search vendor "Asus"
Gt-ac5300 Firmware
Search vendor "Asus" for product "Gt-ac5300 Firmware"
<= 3.0.0.4.384_32738
Search vendor "Asus" for product "Gt-ac5300 Firmware" and version " <= 3.0.0.4.384_32738"
-
Affected
in Asus
Search vendor "Asus"
Gt-ac5300
Search vendor "Asus" for product "Gt-ac5300"
--
Safe