CVE-2018-6000
CVE-2018-6000
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
Productos afectados
n/a · n/aPoCs públicas encontradas — 4
cve_referencewww.exploit-db.com/exploits/43881/no verificadocve_referencewww.exploit-db.com/exploits/44176/no verificadoexploitdbwww.exploit-db.com/exploits/44176no verificadoexploitdbwww.exploit-db.com/exploits/43881no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://blogs.securiteam.com/index.php/archives/3589https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txthttps://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_lan_rce.rbhttps://www.exploit-db.com/exploits/43881/https://www.exploit-db.com/exploits/44176/