Networkmap buffer overflow vulnerability in multiple ASUS products (CNVD-2017-35393)

ASUS RT-AC5300 and others are wireless routers from ASUS. networkmap is one of the network map components. A buffer overflow vulnerability exists in networkmap in multiple ASUS products. A remote attacker can exploit this vulnerability to execute arbitrary code on the router...

Networkmap Buffer Overflow Vulnerability in Multiple ASUS Products

ASUS RT-AC5300 and others are wireless routers from ASUS. networkmap is one of the network diagram components. A buffer overflow vulnerability exists in networkmap in several ASUS products. A remote attacker can exploit this vulnerability to execute arbitrary code on the router...

Asuswrt-Merlin Firmware Stack Buffer Overflow Vulnerability in Multiple ASUS Products

ASUS RT-AC5300 and others are RT series router products from Asus ASUS.Asuswrt-Merlin is the firmware that runs on it. A stack buffer overflow vulnerability exists in the ASUSDiscovery.c file of networkmap in the Asuswrt-Merlin firmware in multiple ASUS products. A remote attacker can exploit thi...

CVE-2017-11420

Stack-based buffer overflow in ASUSDiscovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...

Stack overflow

Stack-based buffer overflow in ASUSDiscovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...

CVE-2017-11420

Stack-based buffer overflow in ASUSDiscovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...

CVE-2017-11345

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...

CVE-2017-11344

Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...

CVE-2017-11345

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...

Stack overflow

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...

CVE-2017-11344

CVE-2017-11344 affects Asuswrt-Merlin and ASUS firmware for multiple routers, where a global buffer overflow in the networkmap component can be exploited by hosting a crafted device description XML via a Location header in an SSDP response. This allows a remote attacker to write shellcode into th...

CVE-2017-11345

CVE-2017-11345 describes a stack buffer overflow in the networkmap component of Asuswrt-Merlin firmware and ASUS firmware for a broad range of ASUS routers (e.g., RT-AC53, RT-AC68U, RT-AC88U, RT-N66U, RT-N12, RT-AC3200, RT-AC3100, etc.). The vulnerability is triggered when a crafted device descri...

CVE-2017-11345

Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...

CVE-2017-6548

Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before...

CVE-2017-6548

CVE-2017-6548 affects ASUSWRT networkmap on multiple ASUS routers (various RT- models) with firmware before 3.0.0.4.380.7378/7266/9488. The issue is a buffer overflow in the SSDP/UPnP response parsing (process_device_response) that overflows host[16] when handling Location headers, enabling remot...

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution

ASUSWRT RT-AC53 3.0.0.4.380.6038 - Remote Code Execution Remote Code Execution Component: networkmap CVE: CVE-2017-6548 networkmap is responsible for generating a map of computers connected to the router. It continuously monitors the LAN to detect ARP requests submitted by unknown computers. When...

ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution

Remote Code Execution Component: networkmap CVE: CVE-2017-6548 networkmap is responsible for generating a map of computers connected to the router. It continuously monitors the LAN to detect ARP requests submitted by unknown computers. When a new MAC address appears it will probe the related IP...

Directory traversal

Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via 1 the page parameter to ajax.php or 2 the id parameter to general/pandorahelp.php, and allow remote attackers to include and execute, create, modify, or...

Code injection

operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php...

EUVD-2010-4251

operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php...