Lucene search

K
saint
SAINT CorporationSAINT:79379382D62E420B234A449DAE36D8AE
HistoryJan 13, 2015 - 12:00 a.m.

ASUS Router infosvr Service Remote Command Execution Vulnerability

2015-01-1300:00:00
SAINT Corporation
download.saintcorporation.com
21

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.4%

Added: 01/13/2015
CVE: CVE-2014-9583
BID: 71889
OSVDB: 116691

Background

ASUS manufactures network devices, including routers and wireless repeaters. Some of these devices include the infosvr service, part of the “ASUS Wireless Router Device Discovery Utility”. The infosvr service listens on port 9999/UDP.

Problem

The file **common.c** in infosvr used in ASUS RT-AC66U and other routers does not properly verify the source MAC address of incoming requests, thereby allowing an attacker on the local network to execute arbitrary commands less than 238 bytes sent to 9999/UDP as root.

Resolution

Update the firmware to revision 3.0.0.4.376.3754 or newer. Manually check the firmware version because the router’s “Check for Update” functionality may not work properly.

References

<http://www.pcworld.com/article/2867252/exploit-allows-asus-routers-to-be-hacked-from-local-network.html&gt;
<http://www.zdnet.com/article/asus-routers-vulnerable-to-network-attack-exploit-published/&gt;
<https://github.com/jduck/asus-cmd&gt;

Limitations

The exploit attempt must be launched from the same local network as the target.

Exploit was tested on ASUS RTN66U with firmware version 3.0.0.4.376_1071.

How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.4%

Related for SAINT:79379382D62E420B234A449DAE36D8AE