CVE-2018-9285

ASUS TM-AC1900 Arbitrary Command Execution

Severity Score: 9.8 (CVSS v3)

Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)

Descriptions

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.

*Credits: N/A
CVSS Scores
CVSS v3
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High
CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2018-04-04 CVE Reserved
  • 2018-04-04 CVE Published
  • 2023-11-22 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Asus | Rt-ac66u Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac66u | - | - | Safe |
| Asus | Rt-ac68u Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac68u | - | - | Safe |
| Asus | Rt-ac86u Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac86u | - | - | Safe |
| Asus | Rt-ac88u Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac88u | - | - | Safe |
| Asus | Rt-ac1900 Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac1900 | - | - | Safe |
| Asus | Rt-ac2900 Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac2900 | - | - | Safe |
| Asus | Rt-ac3100 Firmware | < 3.0.0.4.384.10007 | - | Affected |
| in Asus | Rt-ac3100 | - | - | Safe |
| Asus | Rt-n18u Firmware | < 3.0.0.4.382.39935 | - | Affected |
| in Asus | Rt-n18u | - | - | Safe |
| Asus | Rt-ac87u Firmware | < 3.0.0.4.382.50010 | - | Affected |
| in Asus | Rt-ac87u | - | - | Safe |
| Asus | Rt-ac3200 Firmware | < 3.0.0.4.382.50010 | - | Affected |
| in Asus | Rt-ac3200 | - | - | Safe |
| Asus | Rt-ac5300 Firmware | < 3.0.0.4.384.20287 | - | Affected |
| in Asus | Rt-ac5300 | - | - | Safe |