Details of VAR-201703-1110

ID

VAR-201703-1110

CVE

CVE-2017-6548

TITLE

ASUS RT-AC53 Run on device ASUSWRT of networkmap Vulnerable to buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2017-002138

DESCRIPTION

Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before 3.0.0.4.380.7378; RT-AC68W routers with firmware before 3.0.0.4.380.7266; and RT-N600, RT-N12+ B1, RT-N11P B1, RT-N12VP B1, RT-N12E C1, RT-N300 B1, and RT-N12+ Pro routers with firmware before 3.0.0.4.380.9488; and Asuswrt-Merlin firmware before 380.65_2 allow remote attackers to execute arbitrary code on the router via a long host or port in crafted multicast messages. ASUSWRT is the ASUS router firmware. A remote execution code vulnerability exists in ASUSWRTRT-AC53. An attacker could exploit the vulnerability to execute arbitrary code in the context of the user running the affected application. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Asus ASUSWRT is prone to the following multiple security vulnerabilities. 1. A buffer-overflow vulnerability 2. A cross-site-scripting vulnerability. 3. A session-hijacking vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. There is a buffer overflow vulnerability in the networkmap of ASUS ASUSWRT in RT-AC53 with firmware version 3.0.0.4.380.6038

Trust: 3.15

sources: NVD: CVE-2017-6548 // JVNDB: JVNDB-2017-002138 // CNVD: CNVD-2017-03095 // CNNVD: CNNVD-202104-975 // BID: 96938 // VULHUB: VHN-114751 // VULMON: CVE-2017-6548

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-03095

AFFECTED PRODUCTS

vendor:	asus	model:	rt-ac53	scope:	eq	version:	3.0.0.4.380.6038	Trust: 2.2
vendor:	asustek computer	model:	rt-ac53	scope:	-	version:	-	Trust: 0.8
vendor:	asustek computer	model:	rt-ac53	scope:	eq	version:	3.0.0.4.380.6038	Trust: 0.8
vendor:	asus	model:	asuswrt rt-ac53	scope:	eq	version:	3.0.0.4.380.6038	Trust: 0.3
vendor:	asus	model:	asuswrt rt-ac53	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2017-03095 // BID: 96938 // JVNDB: JVNDB-2017-002138 // CNNVD: CNNVD-201703-322 // NVD: CVE-2017-6548

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6548
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-6548
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-03095
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201703-322
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-114751
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-6548
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6548
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-03095
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-114751
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6548
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-03095 // VULHUB: VHN-114751 // VULMON: CVE-2017-6548 // JVNDB: JVNDB-2017-002138 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201703-322 // NVD: CVE-2017-6548

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-114751 // JVNDB: JVNDB-2017-002138 // NVD: CVE-2017-6548

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-322

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002138

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-114751 // VULMON: CVE-2017-6548

PATCH

title:	RT-AC53	url:	https://www.asus.com/us/Networking/RT-AC53/	Trust: 0.8
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/40-asus-rt-router-models-are-vulnerable-to-simple-hacks/	Trust: 0.1

sources: VULMON: CVE-2017-6548 // JVNDB: JVNDB-2017-002138

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6548	Trust: 3.5
db:	BID	id:	96938	Trust: 2.1
db:	EXPLOIT-DB	id:	41573	Trust: 1.8
db:	JVNDB	id:	JVNDB-2017-002138	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-322	Trust: 0.7
db:	EXPLOITDB	id:	41573	Trust: 0.6
db:	CNVD	id:	CNVD-2017-03095	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021061008	Trust: 0.6
db:	VULHUB	id:	VHN-114751	Trust: 0.1
db:	VULMON	id:	CVE-2017-6548	Trust: 0.1

sources: CNVD: CNVD-2017-03095 // VULHUB: VHN-114751 // VULMON: CVE-2017-6548 // BID: 96938 // JVNDB: JVNDB-2017-002138 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201703-322 // NVD: CVE-2017-6548

REFERENCES

url:	https://bierbaumer.net/security/asuswrt/#remote-code-execution	Trust: 2.0
url:	https://www.exploit-db.com/exploits/41573/	Trust: 1.9
url:	http://www.securityfocus.com/bid/96938	Trust: 1.3
url:	https://asuswrt.lostrealm.ca/changelog	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6548	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6548	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021061008	Trust: 0.6
url:	https://bierbaumer.net/security/asuswrt/#	Trust: 0.3
url:	https://www.asus.com/asuswrt/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

CREDITS

bruno

Trust: 0.3

sources: BID: 96938

SOURCES

db:	CNVD	id:	CNVD-2017-03095
db:	VULHUB	id:	VHN-114751
db:	VULMON	id:	CVE-2017-6548
db:	BID	id:	96938
db:	JVNDB	id:	JVNDB-2017-002138
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-201703-322
db:	NVD	id:	CVE-2017-6548

LAST UPDATE DATE

2024-11-23T20:33:18.892000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-03095	date:	2017-03-22T00:00:00
db:	VULHUB	id:	VHN-114751	date:	2017-08-16T00:00:00
db:	VULMON	id:	CVE-2017-6548	date:	2017-08-16T00:00:00
db:	BID	id:	96938	date:	2017-03-23T00:01:00
db:	JVNDB	id:	JVNDB-2017-002138	date:	2017-03-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-201703-322	date:	2021-06-11T00:00:00
db:	NVD	id:	CVE-2017-6548	date:	2024-11-21T03:30:00.077

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-03095	date:	2017-03-22T00:00:00
db:	VULHUB	id:	VHN-114751	date:	2017-03-09T00:00:00
db:	VULMON	id:	CVE-2017-6548	date:	2017-03-09T00:00:00
db:	BID	id:	96938	date:	2017-03-09T00:00:00
db:	JVNDB	id:	JVNDB-2017-002138	date:	2017-03-30T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-201703-322	date:	2017-03-09T00:00:00
db:	NVD	id:	CVE-2017-6548	date:	2017-03-09T09:59:00.223