CRITICAL🇵🇱 Wersja polska

CVE-2018-6000

CVSS 9.8v3.0pub. 2018-01-22upd. 2024-11-21

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Asus Asuswrt

    OS
    Asus
    < 3.0.0.4.384_10007
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassVPN
CWE
References

Related vulnerabilities

CVE-2022-26376CRITICAL9.8ten sam produkt

A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_4...

CVE-2018-20334CRITICAL9.8ten sam produkt

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is...

CVE-2017-15655CRITICAL9.6ten sam produkt

Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. Al...

CVE-2018-5999CRITICAL9.8ten sam produkt

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/ht...

CVE-2018-20333HIGH7.5ten sam produkt

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp ...