CVE-2018-5999
CVE-2018-5999
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.
Productos afectados
n/a · n/aPoCs públicas encontradas — 4
cve_referencewww.exploit-db.com/exploits/43881/no verificadocve_referencewww.exploit-db.com/exploits/44176/no verificadoexploitdbwww.exploit-db.com/exploits/44176no verificadoexploitdbwww.exploit-db.com/exploits/43881no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://blogs.securiteam.com/index.php/archives/3589https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txthttps://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_lan_rce.rbhttps://www.exploit-db.com/exploits/43881/https://www.exploit-db.com/exploits/44176/