Sign-up

ID

VAR-201810-1092


CVE

CVE-2018-3954


TITLE

Linksys E1200 Firmware and Linksys E2500 In firmware OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013729

DESCRIPTION

Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAMData entered into the 'Router Name' input field through the web portal is submitted to apply.cgi as the value to the 'machine_name' POST parameter. When the 'preinit' binary receives the SIGHUP signal it enters a code path that calls a function named 'set_host_domain_name' from its libshared.so shared object. The BelkinLinksys E1200 and E2500 are both E-series wireless router products from Belkin. An operating system command injection vulnerability exists in the BelkinLinksysE1200 with firmware version 2.0.09 and the LinksysE2500 with firmware version 3.0.04. An attacker can exploit this vulnerability to execute arbitrary commands on the system by sending a specially crafted request

Trust: 2.25

sources: NVD: CVE-2018-3954 // JVNDB: JVNDB-2018-013729 // CNVD: CNVD-2019-22780 // VULHUB: VHN-133985

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-22780

AFFECTED PRODUCTS

vendor:linksysmodel:e1200scope:eqversion:2.0.09

Trust: 1.0

vendor:linksysmodel:e2500scope:eqversion:3.0.04

Trust: 1.0

vendor:cisco linksysmodel:e1200scope:eqversion:2.0.09

Trust: 0.8

vendor:cisco linksysmodel:e2500scope:eqversion:3.0.04

Trust: 0.8

vendor:belkinmodel:linksys e2500scope:eqversion:3.0.04

Trust: 0.6

vendor:belkinmodel:linksys e1200scope:eqversion:2.0.09

Trust: 0.6

sources: CNVD: CNVD-2019-22780 // JVNDB: JVNDB-2018-013729 // NVD: CVE-2018-3954

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3954
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3954
value: HIGH

Trust: 1.0

NVD: CVE-2018-3954
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-22780
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201810-793
value: HIGH

Trust: 0.6

VULHUB: VHN-133985
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-3954
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-22780
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-133985
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

talos-cna@cisco.com: CVE-2018-3954
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2018-3954
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2019-22780 // VULHUB: VHN-133985 // JVNDB: JVNDB-2018-013729 // CNNVD: CNNVD-201810-793 // NVD: CVE-2018-3954 // NVD: CVE-2018-3954

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-133985 // JVNDB: JVNDB-2018-013729 // NVD: CVE-2018-3954

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-793

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201810-793

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013729

PATCH
title:Top Pageurl:https://www.linksys.com/us/
Trust: 0.8
title:LinksysE1200 and E2500 operating system command injection vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/169111
Trust: 0.6
title:Linksys E1200  and E2500 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85866
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-22780 // 
            
            
            
            JVNDB: JVNDB-2018-013729 // 
            
            
            
            CNNVD: CNNVD-201810-793

EXTERNAL IDS
db:NVDid:CVE-2018-3954
Trust: 3.1
db:TALOSid:TALOS-2018-0625
Trust: 2.5
db:JVNDBid:JVNDB-2018-013729
Trust: 0.8
db:CNNVDid:CNNVD-201810-793
Trust: 0.7
db:CNVDid:CNVD-2019-22780
Trust: 0.6
db:VULHUBid:VHN-133985
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-22780 // 
            
            
            
            VULHUB: VHN-133985 // 
            
            
            
            JVNDB: JVNDB-2018-013729 // 
            
            
            
            CNNVD: CNNVD-201810-793 // 
            
            
            
            NVD: CVE-2018-3954

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0625
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2018-3954
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3954
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2019-22780 // 
            
            
            
            VULHUB: VHN-133985 // 
            
            
            
            JVNDB: JVNDB-2018-013729 // 
            
            
            
            CNNVD: CNNVD-201810-793 // 
            
            
            
            NVD: CVE-2018-3954

SOURCES
db:CNVDid:CNVD-2019-22780
db:VULHUBid:VHN-133985
db:JVNDBid:JVNDB-2018-013729
db:CNNVDid:CNNVD-201810-793
db:NVDid:CVE-2018-3954

LAST UPDATE DATE
2024-11-23T22:21:54.730000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-22780date:2019-07-16T00:00:00
db:VULHUBid:VHN-133985date:2019-01-23T00:00:00
db:JVNDBid:JVNDB-2018-013729date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201810-793date:2022-04-20T00:00:00
db:NVDid:CVE-2018-3954date:2024-11-21T04:06:22.587

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-22780date:2019-07-16T00:00:00
db:VULHUBid:VHN-133985date:2018-10-17T00:00:00
db:JVNDBid:JVNDB-2018-013729date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201810-793date:2018-10-17T00:00:00
db:NVDid:CVE-2018-3954date:2018-10-17T02:29:01.500