CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)

Exploit Title: ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution RCE Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023, SC Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM Firmware = 1.14.51 probably others Tested on: Linux...

Exploit for Command Injection in Asus Asmb8-Ikvm_Firmware

Exploit information for C...

The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device allows a hacker to execute arbitrary commands.

The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root Vulnerability

ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffers from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account...

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM...

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

Command injection

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

PT-2023-7625 · Asus · Asus Asmb8 Ikvm

Name of the Vulnerable Software and Affected Versions: ASUS ASMB8 iKVM firmware versions 1.14.51 and earlier Description: The issue allows remote attackers to execute arbitrary code by using SNMP to create extensions. This can be demonstrated by using snmpset for NET-SNMP-EXTEND-MIB with /bin/sh...

ASUS ASMB8-iKVM 命令注入漏洞

ASUS ASMB8-iKVM is an effective remote server management chip from Asus China. A security vulnerability exists in ASUS ASMB8-iKVM version 1.14.51 and earlier, which originated from a vulnerability that allows remote attackers to execute arbitrary code by creating an extension using SNMP...

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

CVE-2023-26602

CVE-2023-26602 affects ASUS ASMB8 iKVM firmware 1.14.51 and earlier. A remote attacker can execute arbitrary code by using SNMP to create extensions, demonstrated via snmpset for NET-SNMP-EXTEND-MIB with /bin/sh. Affected component/firmware: ASMB8 iKVM, firmware up to 1.14.51. Root cause: SNMP wr...

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the mono-ikvm package of the SUSE Linux Enterprise operating system can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the mono-ikvm package of the OpenSUSE operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...