15 vulnerabilities found for rt-ac68p_firmware by asuswrt-merlin_project
FKIE_CVE-2018-18319
Vulnerability from fkie_nvd - Published: 2018-10-15 06:29 - Updated: 2024-11-21 03:55
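Severity: CVSS v3.0 base score 9.8 (CRITICAL) and CVSS v2.0 base score 7.5 (HIGH), both scored by nvd@nist.gov. The record carries the "disputed" CVE tag from cve@mitre.org.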
Summary
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | http://blog.51cto.com/010bjsoft/2298902 | Exploit, Third Party Advisory |
| cve@mitre.org | https://github.com/qoli/Merlin.PHP/issues/27 | Exploit, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.51cto.com/010bjsoft/2298902 | Exploit, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/qoli/Merlin.PHP/issues/27 | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED15A053-1AE6-4BB3-ADBA-96329323EBA3",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B85195C1-D431-47A3-B740-84B9E97E6A97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "283578AF-6824-47B4-B9DD-7924AD1F4A38",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "879F2C62-40D6-47C7-B08D-EF394C184141",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E13D59-9CF5-4F18-A6D3-25D6006BAB4D",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A532686-2867-4960-979B-7B91CB403F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D7BF63-6A61-41DF-872A-BB633BD43130",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9024B4-BF99-4002-8550-24DA6BE94013",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "666016D7-2C7B-41A8-A569-9D65ECEA6A25",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3348D32-AA0C-4249-B507-1A46DF5A62F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05637197-E5CC-4763-90E4-BBC5C483C8D4",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21F533CF-447F-4BA8-B01E-F6E8290D768C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41CAD598-315A-4E29-9E2A-D1A87F2D61F7",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E7631A-AD48-4AFA-8F7D-E39578F492ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF34B61-AF04-4621-9D42-6DE206F50E73",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC4D044-4850-465D-B1DA-ED734BCC5277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68uf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA39C45E-70FE-48B8-8B04-C8C9D1D02868",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68uf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3152E7-93AC-4B27-B7F5-4010FA4223FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac87_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D846074C-E61B-4081-AB28-1AA1ADB85E2F",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac87:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBC51F8-85D7-4CA5-A784-76A32CCB7D84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B24E081-FD68-4132-8FBE-E84CD5CF426E",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E15ED3-C71D-402D-B879-B4CA5D5B3525",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6169767-7260-4A1F-956E-BD562D0C92C0",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF0BCFD-F60C-421D-A9FE-5C48D40AA998",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac86u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EECDC838-646C-4002-AF32-2A24EB41B520",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "382FC68A-853E-4184-A87A-9786D8B0ED5F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac2900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB234D78-C183-425C-AD60-3F2C088099E0",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8EEC43-6C18-42C0-BD01-295D2060610D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command\u0026class=remote\u0026Cc=\u0027ls\u0027 URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution"
},
{
"lang": "es",
"value": "** EN DISPUTA ** Se ha descubierto un problema en la versi\u00f3n 0.6.6 del componente Merlin.PHP para dispositivos Asuswrt-Merlin. Un atacante puede ejecutar comandos arbitrarios debido a que api.php tiene una llamada eval, tal y como queda demostrado con el URI /6/api.php?function=command\u0026class=remote\u0026Cc=\u0027ls\u0027. NOTA: el fabricante indica que Merlin.PHP est\u00e1 dise\u00f1ado para ser empleado solamente en una red de intranet fiable y que se permite intencionadamente la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2018-18319",
"lastModified": "2024-11-21T03:55:42.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-15T06:29:00.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-18320
Vulnerability from fkie_nvd - Published: 2018-10-15 06:29 - Updated: 2024-11-21 03:55
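Severity: CVSS v3.0 base score 9.8 (CRITICAL) and CVSS v2.0 base score 7.5 (HIGH), both scored by nvd@nist.gov. The record carries the "disputed" CVE tag from cve@mitre.org.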
Summary
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | http://blog.51cto.com/010bjsoft/2298828 | Exploit, Third Party Advisory |
| cve@mitre.org | https://github.com/qoli/Merlin.PHP/issues/26 | Exploit, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.51cto.com/010bjsoft/2298828 | Exploit, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/qoli/Merlin.PHP/issues/26 | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED15A053-1AE6-4BB3-ADBA-96329323EBA3",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B85195C1-D431-47A3-B740-84B9E97E6A97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "283578AF-6824-47B4-B9DD-7924AD1F4A38",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "879F2C62-40D6-47C7-B08D-EF394C184141",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E13D59-9CF5-4F18-A6D3-25D6006BAB4D",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A532686-2867-4960-979B-7B91CB403F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20D7BF63-6A61-41DF-872A-BB633BD43130",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9024B4-BF99-4002-8550-24DA6BE94013",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "666016D7-2C7B-41A8-A569-9D65ECEA6A25",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3348D32-AA0C-4249-B507-1A46DF5A62F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05637197-E5CC-4763-90E4-BBC5C483C8D4",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21F533CF-447F-4BA8-B01E-F6E8290D768C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41CAD598-315A-4E29-9E2A-D1A87F2D61F7",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E7631A-AD48-4AFA-8F7D-E39578F492ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF34B61-AF04-4621-9D42-6DE206F50E73",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC4D044-4850-465D-B1DA-ED734BCC5277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68uf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA39C45E-70FE-48B8-8B04-C8C9D1D02868",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68uf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3152E7-93AC-4B27-B7F5-4010FA4223FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac87_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D846074C-E61B-4081-AB28-1AA1ADB85E2F",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac87:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBC51F8-85D7-4CA5-A784-76A32CCB7D84",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B24E081-FD68-4132-8FBE-E84CD5CF426E",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E15ED3-C71D-402D-B879-B4CA5D5B3525",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac1900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6169767-7260-4A1F-956E-BD562D0C92C0",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac1900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF0BCFD-F60C-421D-A9FE-5C48D40AA998",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac86u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EECDC838-646C-4002-AF32-2A24EB41B520",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac86u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "382FC68A-853E-4184-A87A-9786D8B0ED5F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac2900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB234D78-C183-425C-AD60-3F2C088099E0",
"versionEndIncluding": "380.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac2900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8EEC43-6C18-42C0-BD01-295D2060610D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution"
},
{
"lang": "es",
"value": "** EN DISPUTA ** Se ha descubierto un problema en la versi\u00f3n 0.6.6 del componente Merlin.PHP para dispositivos Asuswrt-Merlin. Un atacante puede ejecutar comandos arbitrarios debido a que exec.php tiene una llamada popen. NOTA: el fabricante indica que Merlin.PHP est\u00e1 dise\u00f1ado para ser empleado solamente en una red de intranet fiable y que se permite intencionadamente la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2018-18320",
"lastModified": "2024-11-21T03:55:42.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-15T06:29:00.763",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.51cto.com/010bjsoft/2298828"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.51cto.com/010bjsoft/2298828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-11420
Vulnerability from fkie_nvd - Published: 2017-07-18 05:29 - Updated: 2025-04-20 01:37
Summary
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/07/13/1 | Exploit, Mailing List, Third Party Advisory |
| cve@mitre.org | https://asuswrt.lostrealm.ca/changelog | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/07/13/1 | Exploit, Mailing List, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://asuswrt.lostrealm.ca/changelog | |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D88DAF-DFC0-4272-92E8-92B8B720ABC2",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B85195C1-D431-47A3-B740-84B9E97E6A97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC02A03-C4AA-4A88-A4C5-B28851820640",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "879F2C62-40D6-47C7-B08D-EF394C184141",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F02BF7-4804-4088-974A-850BE8753637",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A532686-2867-4960-979B-7B91CB403F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5976A71-B3A0-41EA-ACCA-FC7DDE42A288",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9024B4-BF99-4002-8550-24DA6BE94013",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A15254-7453-4DF2-9EAC-4D13FD11AF05",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3348D32-AA0C-4249-B507-1A46DF5A62F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4FEB77-CD0D-4313-BB03-9DD480A7971C",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC93B36-B0B3-4557-812A-042E6ADC3EA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE5C7A7-D210-4CA0-9391-FF1BF640F1AD",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21F533CF-447F-4BA8-B01E-F6E8290D768C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7116534C-8FC3-49C0-8911-F0160FFC6CB9",
"versionEndIncluding": "3.0.0.4.380.7485",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E770C7D6-5403-455F-BCBF-C56E21CBCD40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F02DDE-A0EF-4A07-BEBA-C41E99FDDCE8",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E7631A-AD48-4AFA-8F7D-E39578F492ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "858F993B-494F-4CD0-AEEA-9C96505A7460",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883E9C34-65D6-4D2C-9D60-A173575247B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA2E840-7343-40A0-A32D-455E950DAAD3",
"versionEndIncluding": "3.0.0.4.380.4180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9DDB3B-0765-4A69-9190-FF132630F291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67A02F10-D8C4-49E1-A6DD-C7E0600F3C49",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91207A19-15F3-476A-8136-08665E10119D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F031C0-ED90-4470-8DEA-F22CB081C22E",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "625C1795-2197-461F-9880-523CEB436B9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD21108-18FA-4545-8712-0EDD6DA40C12",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "474CEA6E-1F80-4A10-B750-7F47C94629E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9EBB70-B4A6-4F9D-A9C7-32620E2D2735",
"versionEndIncluding": "3.0.0.4.378.7177",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0C2572-667F-4BDE-B296-1B4210E351FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDCCBF-FD1A-4EE1-9B2D-9E11D4417D9A",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC4D044-4850-465D-B1DA-ED734BCC5277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "052CE11F-FF92-452D-8A3A-3651A303F100",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E15ED3-C71D-402D-B879-B4CA5D5B3525",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00F54F3B-C7D0-49C9-B6C0-9AD2EC53C2EE",
"versionEndIncluding": "3.0.0.4.380.5577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23171DFA-6307-4078-BBB7-4E8EA904131F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "974F507C-A577-424B-A332-CC4EE3442E04",
"versionEndIncluding": "3.0.0.4.380.3167",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D58B6588-9F8F-48B9-9EE0-209BBFE0C9CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9311D4-A79F-4EDD-9442-6D87A1AE4D71",
"versionEndIncluding": "3.0.0.4.380.9880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25606A77-1489-4624-8759-20DEC679E5E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F94A48-EE6E-49F5-A673-229A42967EF4",
"versionEndIncluding": "3.0.0.4.380.9883",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75CE8587-6DF9-4AB4-A2D8-F45D52D86419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97E8B7EB-6CCA-4D17-8851-8C762FC9D6C8",
"versionEndIncluding": "3.0.0.4.380.2943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F166B64F-2A6E-404C-AD3F-337D631043F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E92F296-E91F-4B61-8D9F-F3CADD8CBB0E",
"versionEndIncluding": "3.0.0.4.380.3479",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25CCFDE4-B93B-4149-BB2F-EC113F316876",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3394D8-B251-444F-9CCB-2DC4C5F925EA",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18926678-B568-4B23-8882-877ECB802D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12\\+_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D353C-C88E-4772-83A4-BA2774D1296D",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44800173-189F-45D7-A8D0-0DFF3BA02488",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_n12\\+_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC8FF40-47DF-4D08-98FF-09A9D51E8220",
"versionEndIncluding": "3.0.0.4.380.9880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_n12\\+_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB403995-31CF-4468-9245-205EF4FE309A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4733E9E4-B297-4AF5-AEBA-C87D5E62FE62",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1708CE7D-7096-4846-A143-F248D5F25B15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00790F60-6870-47AE-B779-B8DF3DF5D2CD",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F266FCC-AC0C-4802-946E-3E4302E0A834",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el archivo ASUS_Discovery.c en el componente networkmap en firmware Asuswrt-Merlin para dispositivos ASUS y firmware ASUS para dispositivos ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, y RT-N300, permite que los atacantes remotos ejecuten c\u00f3digo arbitrario por medio de informaci\u00f3n de dispositivo larga que es manejada inapropiadamente durante un strcat en una lista de dispositivos."
}
],
"id": "CVE-2017-11420",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-18T05:29:00.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
},
{
"source": "cve@mitre.org",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://asuswrt.lostrealm.ca/changelog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-11344
Vulnerability from fkie_nvd - Published: 2017-07-17 13:18 - Updated: 2025-04-20 01:37
Summary
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/07/14/3 | Mailing List, Third Party Advisory |
| cve@mitre.org | https://asuswrt.lostrealm.ca/changelog | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/07/14/3 | Mailing List, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://asuswrt.lostrealm.ca/changelog | |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D88DAF-DFC0-4272-92E8-92B8B720ABC2",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B85195C1-D431-47A3-B740-84B9E97E6A97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC02A03-C4AA-4A88-A4C5-B28851820640",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "879F2C62-40D6-47C7-B08D-EF394C184141",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F02BF7-4804-4088-974A-850BE8753637",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A532686-2867-4960-979B-7B91CB403F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5976A71-B3A0-41EA-ACCA-FC7DDE42A288",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9024B4-BF99-4002-8550-24DA6BE94013",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A15254-7453-4DF2-9EAC-4D13FD11AF05",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3348D32-AA0C-4249-B507-1A46DF5A62F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4FEB77-CD0D-4313-BB03-9DD480A7971C",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC93B36-B0B3-4557-812A-042E6ADC3EA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE5C7A7-D210-4CA0-9391-FF1BF640F1AD",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21F533CF-447F-4BA8-B01E-F6E8290D768C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7116534C-8FC3-49C0-8911-F0160FFC6CB9",
"versionEndIncluding": "3.0.0.4.380.7485",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E770C7D6-5403-455F-BCBF-C56E21CBCD40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F02DDE-A0EF-4A07-BEBA-C41E99FDDCE8",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E7631A-AD48-4AFA-8F7D-E39578F492ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "858F993B-494F-4CD0-AEEA-9C96505A7460",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883E9C34-65D6-4D2C-9D60-A173575247B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA2E840-7343-40A0-A32D-455E950DAAD3",
"versionEndIncluding": "3.0.0.4.380.4180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9DDB3B-0765-4A69-9190-FF132630F291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67A02F10-D8C4-49E1-A6DD-C7E0600F3C49",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91207A19-15F3-476A-8136-08665E10119D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F031C0-ED90-4470-8DEA-F22CB081C22E",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "625C1795-2197-461F-9880-523CEB436B9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD21108-18FA-4545-8712-0EDD6DA40C12",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "474CEA6E-1F80-4A10-B750-7F47C94629E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9EBB70-B4A6-4F9D-A9C7-32620E2D2735",
"versionEndIncluding": "3.0.0.4.378.7177",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0C2572-667F-4BDE-B296-1B4210E351FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDCCBF-FD1A-4EE1-9B2D-9E11D4417D9A",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC4D044-4850-465D-B1DA-ED734BCC5277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "052CE11F-FF92-452D-8A3A-3651A303F100",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E15ED3-C71D-402D-B879-B4CA5D5B3525",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00F54F3B-C7D0-49C9-B6C0-9AD2EC53C2EE",
"versionEndIncluding": "3.0.0.4.380.5577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23171DFA-6307-4078-BBB7-4E8EA904131F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "974F507C-A577-424B-A332-CC4EE3442E04",
"versionEndIncluding": "3.0.0.4.380.3167",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D58B6588-9F8F-48B9-9EE0-209BBFE0C9CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9311D4-A79F-4EDD-9442-6D87A1AE4D71",
"versionEndIncluding": "3.0.0.4.380.9880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25606A77-1489-4624-8759-20DEC679E5E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F94A48-EE6E-49F5-A673-229A42967EF4",
"versionEndIncluding": "3.0.0.4.380.9883",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75CE8587-6DF9-4AB4-A2D8-F45D52D86419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97E8B7EB-6CCA-4D17-8851-8C762FC9D6C8",
"versionEndIncluding": "3.0.0.4.380.2943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F166B64F-2A6E-404C-AD3F-337D631043F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E92F296-E91F-4B61-8D9F-F3CADD8CBB0E",
"versionEndIncluding": "3.0.0.4.380.3479",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25CCFDE4-B93B-4149-BB2F-EC113F316876",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3394D8-B251-444F-9CCB-2DC4C5F925EA",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18926678-B568-4B23-8882-877ECB802D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12\\+_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D353C-C88E-4772-83A4-BA2774D1296D",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44800173-189F-45D7-A8D0-0DFF3BA02488",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_n12\\+_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC8FF40-47DF-4D08-98FF-09A9D51E8220",
"versionEndIncluding": "3.0.0.4.380.9880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_n12\\+_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB403995-31CF-4468-9245-205EF4FE309A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4733E9E4-B297-4AF5-AEBA-C87D5E62FE62",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1708CE7D-7096-4846-A143-F248D5F25B15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00790F60-6870-47AE-B779-B8DF3DF5D2CD",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F266FCC-AC0C-4802-946E-3E4302E0A834",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer global en networkmap en el firmware Asuswrt-Merlin para dispositivos ASUS y en el firmware ASUS para dispositivos RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, y RT-N300 de ASUS, permite a los atacantes remotos escribir c\u00f3digo shell en cualquier direcci\u00f3n del heap; esto puede ser utilizado para ejecutar c\u00f3digo arbitrario en el enrutador mediante el alojamiento de un documento XML creado de descripci\u00f3n de dispositivo en una URL especificada dentro de un encabezado Location en una respuesta SSDP."
}
],
"id": "CVE-2017-11344",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-17T13:18:20.923",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
},
{
"source": "cve@mitre.org",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://asuswrt.lostrealm.ca/changelog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-11345
Vulnerability from fkie_nvd - Published: 2017-07-17 13:18 - Updated: 2025-04-20 01:37
Summary
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/07/14/3 | Mailing List, Third Party Advisory |
| cve@mitre.org | https://asuswrt.lostrealm.ca/changelog | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/07/14/3 | Mailing List, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://asuswrt.lostrealm.ca/changelog | |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D88DAF-DFC0-4272-92E8-92B8B720ABC2",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B85195C1-D431-47A3-B740-84B9E97E6A97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC02A03-C4AA-4A88-A4C5-B28851820640",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "879F2C62-40D6-47C7-B08D-EF394C184141",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F02BF7-4804-4088-974A-850BE8753637",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A532686-2867-4960-979B-7B91CB403F56",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5976A71-B3A0-41EA-ACCA-FC7DDE42A288",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9024B4-BF99-4002-8550-24DA6BE94013",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A15254-7453-4DF2-9EAC-4D13FD11AF05",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3348D32-AA0C-4249-B507-1A46DF5A62F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4FEB77-CD0D-4313-BB03-9DD480A7971C",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC93B36-B0B3-4557-812A-042E6ADC3EA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE5C7A7-D210-4CA0-9391-FF1BF640F1AD",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21F533CF-447F-4BA8-B01E-F6E8290D768C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7116534C-8FC3-49C0-8911-F0160FFC6CB9",
"versionEndIncluding": "3.0.0.4.380.7485",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E770C7D6-5403-455F-BCBF-C56E21CBCD40",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F02DDE-A0EF-4A07-BEBA-C41E99FDDCE8",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E7631A-AD48-4AFA-8F7D-E39578F492ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "858F993B-494F-4CD0-AEEA-9C96505A7460",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "883E9C34-65D6-4D2C-9D60-A173575247B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA2E840-7343-40A0-A32D-455E950DAAD3",
"versionEndIncluding": "3.0.0.4.380.4180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9DDB3B-0765-4A69-9190-FF132630F291",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67A02F10-D8C4-49E1-A6DD-C7E0600F3C49",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91207A19-15F3-476A-8136-08665E10119D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F031C0-ED90-4470-8DEA-F22CB081C22E",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "625C1795-2197-461F-9880-523CEB436B9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD21108-18FA-4545-8712-0EDD6DA40C12",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "474CEA6E-1F80-4A10-B750-7F47C94629E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9EBB70-B4A6-4F9D-A9C7-32620E2D2735",
"versionEndIncluding": "3.0.0.4.378.7177",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0C2572-667F-4BDE-B296-1B4210E351FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDCCBF-FD1A-4EE1-9B2D-9E11D4417D9A",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC4D044-4850-465D-B1DA-ED734BCC5277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "052CE11F-FF92-452D-8A3A-3651A303F100",
"versionEndIncluding": "3.0.0.4.380.7743",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E15ED3-C71D-402D-B879-B4CA5D5B3525",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00F54F3B-C7D0-49C9-B6C0-9AD2EC53C2EE",
"versionEndIncluding": "3.0.0.4.380.5577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23171DFA-6307-4078-BBB7-4E8EA904131F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "974F507C-A577-424B-A332-CC4EE3442E04",
"versionEndIncluding": "3.0.0.4.380.3167",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D58B6588-9F8F-48B9-9EE0-209BBFE0C9CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9311D4-A79F-4EDD-9442-6D87A1AE4D71",
"versionEndIncluding": "3.0.0.4.380.9880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25606A77-1489-4624-8759-20DEC679E5E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F94A48-EE6E-49F5-A673-229A42967EF4",
"versionEndIncluding": "3.0.0.4.380.9883",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75CE8587-6DF9-4AB4-A2D8-F45D52D86419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97E8B7EB-6CCA-4D17-8851-8C762FC9D6C8",
"versionEndIncluding": "3.0.0.4.380.2943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F166B64F-2A6E-404C-AD3F-337D631043F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E92F296-E91F-4B61-8D9F-F3CADD8CBB0E",
"versionEndIncluding": "3.0.0.4.380.3479",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25CCFDE4-B93B-4149-BB2F-EC113F316876",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3394D8-B251-444F-9CCB-2DC4C5F925EA",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18926678-B568-4B23-8882-877ECB802D90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n12\\+_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D353C-C88E-4772-83A4-BA2774D1296D",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n12\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44800173-189F-45D7-A8D0-0DFF3BA02488",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt_n12\\+_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC8FF40-47DF-4D08-98FF-09A9D51E8220",
"versionEndIncluding": "3.0.0.4.380.9880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt_n12\\+_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB403995-31CF-4468-9245-205EF4FE309A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4733E9E4-B297-4AF5-AEBA-C87D5E62FE62",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1708CE7D-7096-4846-A143-F248D5F25B15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00790F60-6870-47AE-B779-B8DF3DF5D2CD",
"versionEndIncluding": "3.0.0.4.380.7378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F266FCC-AC0C-4802-946E-3E4302E0A834",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer de la pila en networkmap en el firmware Asuswrt-Merlin para dispositivos ASUS y firmware ASUS para dispositivos RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16 y RT-N300 de ASUS, permiten que los atacantes remotos ejecuten c\u00f3digo arbitrario en el enrutador mediante el alojamiento de un documento XML creado de descripci\u00f3n de dispositivo (que incluye un elemento serviceType) en una URL especificada dentro de un encabezado Location en una respuesta SSDP."
}
],
"id": "CVE-2017-11345",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-17T13:18:20.953",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
},
{
"source": "cve@mitre.org",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://asuswrt.lostrealm.ca/changelog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-18320 (GCVE-0-2018-18320)
Vulnerability from cvelistv5 – Published: 2018-10-15 06:00 – Updated: 2024-09-16 22:41
Summary
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://github.com/qoli/Merlin.PHP/issues/26 | x_refsource_MISC |
| http://blog.51cto.com/010bjsoft/2298828 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.51cto.com/010bjsoft/2298828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T06:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.51cto.com/010bjsoft/2298828"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/qoli/Merlin.PHP/issues/26",
"refsource": "MISC",
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"name": "http://blog.51cto.com/010bjsoft/2298828",
"refsource": "MISC",
"url": "http://blog.51cto.com/010bjsoft/2298828"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18320",
"datePublished": "2018-10-15T06:00:00Z",
"dateReserved": "2018-10-15T00:00:00Z",
"dateUpdated": "2024-09-16T22:41:30.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18319 (GCVE-0-2018-18319)
Vulnerability from cvelistv5 – Published: 2018-10-15 06:00 – Updated: 2024-09-16 16:28
Summary
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| http://blog.51cto.com/010bjsoft/2298902 | x_refsource_MISC |
| https://github.com/qoli/Merlin.PHP/issues/27 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command\u0026class=remote\u0026Cc=\u0027ls\u0027 URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T06:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command\u0026class=remote\u0026Cc=\u0027ls\u0027 URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.51cto.com/010bjsoft/2298902",
"refsource": "MISC",
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"name": "https://github.com/qoli/Merlin.PHP/issues/27",
"refsource": "MISC",
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18319",
"datePublished": "2018-10-15T06:00:00Z",
"dateReserved": "2018-10-15T00:00:00Z",
"dateUpdated": "2024-09-16T16:28:44.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11420 (GCVE-0-2017-11420)
Vulnerability from cvelistv5 – Published: 2017-07-18 05:00 – Updated: 2024-08-05 18:12
Summary
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://asuswrt.lostrealm.ca/changelog | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/07/13/1 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:39.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://asuswrt.lostrealm.ca/changelog",
"refsource": "CONFIRM",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/07/13/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11420",
"datePublished": "2017-07-18T05:00:00",
"dateReserved": "2017-07-18T00:00:00",
"dateUpdated": "2024-08-05T18:12:39.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11344 (GCVE-0-2017-11344)
Vulnerability from cvelistv5 – Published: 2017-07-16 23:00 – Updated: 2024-08-05 18:05
Summary
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://asuswrt.lostrealm.ca/changelog | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/07/14/3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://asuswrt.lostrealm.ca/changelog",
"refsource": "CONFIRM",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/07/14/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11344",
"datePublished": "2017-07-16T23:00:00",
"dateReserved": "2017-07-16T00:00:00",
"dateUpdated": "2024-08-05T18:05:30.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11345 (GCVE-0-2017-11345)
Vulnerability from cvelistv5 – Published: 2017-07-16 23:00 – Updated: 2024-08-05 18:05
Summary
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://asuswrt.lostrealm.ca/changelog | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2017/07/14/3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://asuswrt.lostrealm.ca/changelog",
"refsource": "CONFIRM",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/07/14/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11345",
"datePublished": "2017-07-16T23:00:00",
"dateReserved": "2017-07-16T00:00:00",
"dateUpdated": "2024-08-05T18:05:30.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18320 (GCVE-0-2018-18320)
Vulnerability from nvd – Published: 2018-10-15 06:00 – Updated: 2024-09-16 22:41
Summary
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution. The CVE record below is tagged "disputed".
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.51cto.com/010bjsoft/2298828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T06:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.51cto.com/010bjsoft/2298828"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/qoli/Merlin.PHP/issues/26",
"refsource": "MISC",
"url": "https://github.com/qoli/Merlin.PHP/issues/26"
},
{
"name": "http://blog.51cto.com/010bjsoft/2298828",
"refsource": "MISC",
"url": "http://blog.51cto.com/010bjsoft/2298828"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18320",
"datePublished": "2018-10-15T06:00:00Z",
"dateReserved": "2018-10-15T00:00:00Z",
"dateUpdated": "2024-09-16T22:41:30.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18319 (GCVE-0-2018-18319)
Vulnerability from nvd – Published: 2018-10-15 06:00 – Updated: 2024-09-16 16:28
Summary
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution. The CVE record below is tagged "disputed".
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command\u0026class=remote\u0026Cc=\u0027ls\u0027 URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T06:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command\u0026class=remote\u0026Cc=\u0027ls\u0027 URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.51cto.com/010bjsoft/2298902",
"refsource": "MISC",
"url": "http://blog.51cto.com/010bjsoft/2298902"
},
{
"name": "https://github.com/qoli/Merlin.PHP/issues/27",
"refsource": "MISC",
"url": "https://github.com/qoli/Merlin.PHP/issues/27"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18319",
"datePublished": "2018-10-15T06:00:00Z",
"dateReserved": "2018-10-15T00:00:00Z",
"dateUpdated": "2024-09-16T16:28:44.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11420 (GCVE-0-2017-11420)
Vulnerability from nvd – Published: 2017-07-18 05:00 – Updated: 2024-08-05 18:12
Summary
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:39.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://asuswrt.lostrealm.ca/changelog",
"refsource": "CONFIRM",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/07/13/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/07/13/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11420",
"datePublished": "2017-07-18T05:00:00",
"dateReserved": "2017-07-18T00:00:00",
"dateUpdated": "2024-08-05T18:12:39.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11344 (GCVE-0-2017-11344)
Vulnerability from nvd – Published: 2017-07-16 23:00 – Updated: 2024-08-05 18:05
Summary
Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://asuswrt.lostrealm.ca/changelog",
"refsource": "CONFIRM",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/07/14/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11344",
"datePublished": "2017-07-16T23:00:00",
"dateReserved": "2017-07-16T00:00:00",
"dateUpdated": "2024-08-05T18:05:30.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11345 (GCVE-0-2017-11345)
Vulnerability from nvd – Published: 2017-07-16 23:00 – Updated: 2024-08-05 18:05
Summary
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code on the router by hosting a crafted device description XML document (that includes a serviceType element) at a URL specified within a Location header in an SSDP response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://asuswrt.lostrealm.ca/changelog",
"refsource": "CONFIRM",
"url": "https://asuswrt.lostrealm.ca/changelog"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/07/14/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2017/07/14/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11345",
"datePublished": "2017-07-16T23:00:00",
"dateReserved": "2017-07-16T00:00:00",
"dateUpdated": "2024-08-05T18:05:30.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}