Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:75674DE142EE6A5182F2C3AEAC3FE313
HistoryJan 13, 2015 - 12:00 a.m.

ASUS Router infosvr Service Remote Command Execution Vulnerability

2015-01-1300:00:00
SAINT Corporation
download.saintcorporation.com
14

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.965 High

EPSS

Percentile

99.6%

JSON

Added: 01/13/2015
CVE: CVE-2014-9583
BID: 71889
OSVDB: 116691

Background

ASUS manufactures network devices, including routers and wireless repeaters. Some of these devices include the infosvr service, part of the “ASUS Wireless Router Device Discovery Utility”. The infosvr service listens on port 9999/UDP.

Problem

The file **common.c** in infosvr used in ASUS RT-AC66U and other routers does not properly verify the source MAC address of incoming requests, thereby allowing an attacker on the local network to execute arbitrary commands less than 238 bytes sent to 9999/UDP as root.

Resolution

Update the firmware to revision 3.0.0.4.376.3754 or newer. Manually check the firmware version because the router’s “Check for Update” functionality may not work properly.

References

<http://www.pcworld.com/article/2867252/exploit-allows-asus-routers-to-be-hacked-from-local-network.html&gt;
<http://www.zdnet.com/article/asus-routers-vulnerable-to-network-attack-exploit-published/&gt;
<https://github.com/jduck/asus-cmd&gt;

Limitations

The exploit attempt must be launched from the same local network as the target.

Exploit was tested on ASUS RTN66U with firmware version 3.0.0.4.376_1071.

Related

checkpoint_advisories 1
seebug 1
saint 3
packetstorm 2
nessus 1
zdt 1
cve 1
prion 1
exploitpack 1
threatpost 1
exploitdb 1
checkpoint_advisories
checkpoint_advisories
ASUSWRT LAN Backdoor Remote Command Execution (CVE-2014-9583)
2016-10-26 00:00:00
seebug
seebug
ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution
2015-07-02 00:00:00
saint
saint
ASUS Router infosvr Service Remote Command Execution Vulnerability
2015-01-13 00:00:00
ASUS Router infosvr Service Remote Command Execution Vulnerability
2015-01-13 00:00:00
ASUS Router infosvr Service Remote Command Execution Vulnerability
2015-01-13 00:00:00
packetstorm
packetstorm
ASUS infosvr Authentication Bypass Command Execution
2018-04-21 00:00:00
AsusWRT Router Remote Code Execution
2018-01-26 00:00:00
nessus
nessus
ASUS Router 'infosvr' Remote Command Execution
2015-01-14 00:00:00
zdt
zdt
ASUS infosvr Authentication Bypass Command Execution Exploit
2018-04-22 00:00:00
cve
cve
CVE-2014-9583
2015-01-08 20:59:00
prion
prion
Authentication flaw
2015-01-08 20:59:00
exploitpack
exploitpack
AsusWRT Router 3.0.0.4.380.7743 - LAN Remote Code Execution
2018-01-22 00:00:00
threatpost
threatpost
ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models
2018-01-25 18:40:03
exploitdb
exploitdb
AsusWRT Router &lt; 3.0.0.4.380.7743 - LAN Remote Code Execution
2018-01-22 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.965 High

EPSS

Percentile

99.6%

JSON
Related for SAINT:75674DE142EE6A5182F2C3AEAC3FE313
checkpoint_advisories1seebug1saint3packetstorm2nessus1zdt1cve1prion1exploitpack1threatpost1exploitdb1