Sign-up

ID

VAR-201707-0535


CVE

CVE-2017-11420


TITLE

plural ASUS For devices Asuswrt-Merlin Firmware and ASUS Firmware network map ASUS_Discovery.c Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2017-005985

DESCRIPTION

Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list. ASUSRT-AC5300 is the RT series router product of ASUS. Asuswrt-Merlin is the firmware running in it. The following products are affected: ASUS RT-AC5300; RT_AC1900P; RT-AC68U; RT-AC68P; RT-AC88U; AC51U; RT-N18U; RT-N66U; RT-N56U; RT-AC3200; RT-AC3100; RT_AC1200GU; RT_AC1200G; RT_N12+_PRO; RT-N16; RT-N300

Trust: 2.25

sources: NVD: CVE-2017-11420 // JVNDB: JVNDB-2017-005985 // CNVD: CNVD-2017-24400 // VULHUB: VHN-101841

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-24400

AFFECTED PRODUCTS

vendor:asuswrt merlinmodel:rt-ac88uscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac52uscope:lteversion:3.0.0.4.380.4180

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac66u b1scope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac66uscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt ac1900pscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac56uscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac51uscope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac1200scope:lteversion:3.0.0.4.380.9880

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n12hpscope:lteversion:3.0.0.4.380.2943

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n12hp b1scope:lteversion:3.0.0.4.380.3479

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac3100scope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt n12\+ proscope:lteversion:3.0.0.4.380.9880

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac55uscope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac58uscope:lteversion:3.0.0.4.380.7485

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n16scope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n300scope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac53scope:lteversion:3.0.0.4.380.9883

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac68uscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n18uscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac5300scope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n66uscope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n12\+scope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt ac1200gscope:lteversion:3.0.0.4.380.3167

Trust: 1.0

vendor:asuswrt merlinmodel:rt ac1200guscope:lteversion:3.0.0.4.380.5577

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n56uscope:lteversion:3.0.0.4.378.7177

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac68pscope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-ac3200scope:lteversion:3.0.0.4.380.7743

Trust: 1.0

vendor:asuswrt merlinmodel:rt-n12d1scope:lteversion:3.0.0.4.380.7378

Trust: 1.0

vendor:asuswrt merlinmodel:rt ac1200gscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt ac1200guscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt ac1900pscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt n12+ proscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac1200scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac3100scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac3200scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac51uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac52uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac53scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac5300scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac55uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac56uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac58uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac66u b1scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac66uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac68pscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac68uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-ac88uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n12+scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n12d1scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n12hp b1scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n12hpscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n16scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n18uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n300scope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n56uscope: - version: -

Trust: 0.8

vendor:asuswrt merlinmodel:rt-n66uscope: - version: -

Trust: 0.8

vendor:asusmodel:rt-ac5300scope: - version: -

Trust: 0.6

vendor:asusmodel:rt ac1900pscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac68uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac68pscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac88uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac66uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac66u b1scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac58uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac56uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac55uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac52uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac51uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n18uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n66uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n56uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac3200scope: - version: -

Trust: 0.6

vendor:asusmodel:rt ac1200guscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac3100scope: - version: -

Trust: 0.6

vendor:asusmodel:rt ac1200gscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac1200scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac53scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n12hpscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n12hp b1scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n12d1scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n12+scope: - version: -

Trust: 0.6

vendor:asusmodel:rt n12+ proscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n16scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-n300scope: - version: -

Trust: 0.6

vendor:asuswrt merlinmodel:rt-n12hp b1scope:eqversion:3.0.0.4.380.3479

Trust: 0.6

vendor:asuswrt merlinmodel:rt ac1200gscope:eqversion:3.0.0.4.380.3167

Trust: 0.6

vendor:asuswrt merlinmodel:rt-n12d1scope:eqversion:3.0.0.4.380.7378

Trust: 0.6

vendor:asuswrt merlinmodel:rt-n12\+scope:eqversion:3.0.0.4.380.7378

Trust: 0.6

vendor:asuswrt merlinmodel:rt-n12hpscope:eqversion:3.0.0.4.380.2943

Trust: 0.6

vendor:asuswrt merlinmodel:rt-ac53scope:eqversion:3.0.0.4.380.9883

Trust: 0.6

vendor:asuswrt merlinmodel:rt n12\+ proscope:eqversion:3.0.0.4.380.9880

Trust: 0.6

vendor:asuswrt merlinmodel:rt-ac1200scope:eqversion:3.0.0.4.380.9880

Trust: 0.6

vendor:asuswrt merlinmodel:rt-n16scope:eqversion:3.0.0.4.380.7378

Trust: 0.6

vendor:asuswrt merlinmodel:rt-n300scope:eqversion:3.0.0.4.380.7378

Trust: 0.6

sources: CNVD: CNVD-2017-24400 // JVNDB: JVNDB-2017-005985 // CNNVD: CNNVD-201707-754 // NVD: CVE-2017-11420

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-11420
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-11420
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-24400
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201707-754
value: CRITICAL

Trust: 0.6

VULHUB: VHN-101841
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-11420
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-24400
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-101841
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-11420
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-24400 // VULHUB: VHN-101841 // JVNDB: JVNDB-2017-005985 // CNNVD: CNNVD-201707-754 // NVD: CVE-2017-11420

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-101841 // JVNDB: JVNDB-2017-005985 // NVD: CVE-2017-11420

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201707-754

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201707-754

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-005985

PATCH
title:Top Pageurl:https://asuswrt.lostrealm.ca/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-005985

EXTERNAL IDS
db:OPENWALLid:OSS-SECURITY/2017/07/13/1
Trust: 3.1
db:NVDid:CVE-2017-11420
Trust: 3.1
db:JVNDBid:JVNDB-2017-005985
Trust: 0.8
db:CNNVDid:CNNVD-201707-754
Trust: 0.7
db:CNVDid:CNVD-2017-24400
Trust: 0.6
db:VULHUBid:VHN-101841
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-24400 // 
            
            
            
            VULHUB: VHN-101841 // 
            
            
            
            JVNDB: JVNDB-2017-005985 // 
            
            
            
            CNNVD: CNNVD-201707-754 // 
            
            
            
            NVD: CVE-2017-11420

REFERENCES
url:http://www.openwall.com/lists/oss-security/2017/07/13/1
Trust: 3.1
url:https://asuswrt.lostrealm.ca/changelog
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11420
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-11420
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2017-24400 // 
            
            
            
            VULHUB: VHN-101841 // 
            
            
            
            JVNDB: JVNDB-2017-005985 // 
            
            
            
            CNNVD: CNNVD-201707-754 // 
            
            
            
            NVD: CVE-2017-11420

SOURCES
db:CNVDid:CNVD-2017-24400
db:VULHUBid:VHN-101841
db:JVNDBid:JVNDB-2017-005985
db:CNNVDid:CNNVD-201707-754
db:NVDid:CVE-2017-11420

LAST UPDATE DATE
2024-11-23T22:26:44.352000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-24400date:2017-09-03T00:00:00
db:VULHUBid:VHN-101841date:2017-12-20T00:00:00
db:JVNDBid:JVNDB-2017-005985date:2017-08-14T00:00:00
db:CNNVDid:CNNVD-201707-754date:2017-07-19T00:00:00
db:NVDid:CVE-2017-11420date:2024-11-21T03:07:45.487

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-24400date:2017-09-03T00:00:00
db:VULHUBid:VHN-101841date:2017-07-18T00:00:00
db:JVNDBid:JVNDB-2017-005985date:2017-08-14T00:00:00
db:CNNVDid:CNNVD-201707-754date:2017-07-19T00:00:00
db:NVDid:CVE-2017-11420date:2017-07-18T05:29:00.470