CVE-2017-18368
CVE-2017-18368
In short
A router flaw allows anyone on the internet to run dangerous commands on the device by sending specially crafted requests to a logging page. This gives complete control over the router without needing a password.
Technical detail
CWE-78 command injection in ViewLog.asp remote_host parameter allows unauthenticated remote code execution. The vulnerability accepts unsanitized user input directly into system commands within the Remote System Log forwarding function, enabling arbitrary command execution with router privileges.
Summary generated and translated by AI from the official description.
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited through the remote_host parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txthttps://seclists.org/fulldisclosure/2017/Jan/40https://ssd-disclosure.com/index.php/archives/2910https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-18368http://www.zyxel.com/support/announcement_unauthenticated.shtml