CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)

Exploit Title: ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution RCE Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023, SC Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM Firmware = 1.14.51 probably others Tested on: Linux...

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access

Exploit Title: ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution RCE & SSH Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM Firmware = 1.14.51 probably others Tested on: Linux...

Exploit for Command Injection in Asus Asmb8-Ikvm_Firmware

Exploit information for C...

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM...

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root Vulnerability

ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffers from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account...

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

Command injection

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

PT-2023-7625 · Asus · Asus Asmb8 Ikvm

Name of the Vulnerable Software and Affected Versions: ASUS ASMB8 iKVM firmware versions 1.14.51 and earlier Description: The issue allows remote attackers to execute arbitrary code by using SNMP to create extensions. This can be demonstrated by using snmpset for NET-SNMP-EXTEND-MIB with /bin/sh...

CVE-2023-26602

CVE-2023-26602 affects ASUS ASMB8 iKVM firmware 1.14.51 and earlier. A remote attacker can execute arbitrary code by using SNMP to create extensions, demonstrated via snmpset for NET-SNMP-EXTEND-MIB with /bin/sh. Affected component/firmware: ASMB8 iKVM, firmware up to 1.14.51. Root cause: SNMP wr...

ASUS ASMB8-iKVM 命令注入漏洞

ASUS ASMB8-iKVM is an effective remote server management chip from Asus China. A security vulnerability exists in ASUS ASMB8-iKVM version 1.14.51 and earlier, which originated from a vulnerability that allows remote attackers to execute arbitrary code by creating an extension using SNMP...

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...