Details of VAR-201905-0653

ID

VAR-201905-0653

CVE

CVE-2017-18370

TITLE

ZyXEL P660HN-T1A v2 Command injection vulnerability in routers

Trust: 0.8

sources: JVNDB: JVNDB-2017-014437

DESCRIPTION

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP parameter. Authentication can be achieved by exploiting CVE-2017-18371. ZyXEL P660HN-T1A is a wireless router made by ZyXEL, Taiwan, China. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands

Trust: 1.71

sources: NVD: CVE-2017-18370 // JVNDB: JVNDB-2017-014437 // VULHUB: VHN-109486

AFFECTED PRODUCTS

vendor:	zyxel	model:	p660hn-t1a v1	scope:	eq	version:	7.3.37.6	Trust: 1.0
vendor:	zyxel	model:	p660hn-t1a v2	scope:	eq	version:	7.3.37.6	Trust: 1.0
vendor:	billion	model:	5200w-t	scope:	eq	version:	7.3.8.0	Trust: 1.0
vendor:	billion	model:	5200w-t	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	p660hn-t1a v1	scope:	-	version:	-	Trust: 0.8
vendor:	zyxel	model:	p660hn-t1a v2	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2017-014437 // NVD: CVE-2017-18370

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-18370
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-18370
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-075
value:	HIGH
Trust: 0.6
VULHUB:	VHN-109486
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-18370
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-109486
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-18370
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-109486 // JVNDB: JVNDB-2017-014437 // CNNVD: CNNVD-201905-075 // NVD: CVE-2017-18370

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.1
problemtype:	CWE-77	Trust: 0.9

sources: VULHUB: VHN-109486 // JVNDB: JVNDB-2017-014437 // NVD: CVE-2017-18370

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-075

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-075

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014437

PATCH

title:	Top Page	url:	http://www.billion.com.tw/index.aspx	Trust: 0.8
title:	Top Page	url:	https://www.zyxel.com/homepage.shtml	Trust: 0.8

sources: JVNDB: JVNDB-2017-014437

EXTERNAL IDS

db:	NVD	id:	CVE-2017-18370	Trust: 2.5
db:	JVNDB	id:	JVNDB-2017-014437	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-075	Trust: 0.7
db:	VULHUB	id:	VHN-109486	Trust: 0.1

sources: VULHUB: VHN-109486 // JVNDB: JVNDB-2017-014437 // CNNVD: CNNVD-201905-075 // NVD: CVE-2017-18370

REFERENCES

url:	https://seclists.org/fulldisclosure/2017/jan/40	Trust: 2.5
url:	http://www.zyxel.com/support/announcement_unauthenticated.shtml	Trust: 1.7
url:	https://raw.githubusercontent.com/pedrib/poc/master/advisories/zyxel_trueonline.txt	Trust: 1.7
url:	https://ssd-disclosure.com/index.php/archives/2910	Trust: 1.7
url:	https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2017-18370	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18370	Trust: 0.8

sources: VULHUB: VHN-109486 // JVNDB: JVNDB-2017-014437 // CNNVD: CNNVD-201905-075 // NVD: CVE-2017-18370

SOURCES

db:	VULHUB	id:	VHN-109486
db:	JVNDB	id:	JVNDB-2017-014437
db:	CNNVD	id:	CNNVD-201905-075
db:	NVD	id:	CVE-2017-18370

LAST UPDATE DATE

2024-11-23T22:48:23.513000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-109486	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-014437	date:	2019-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201905-075	date:	2020-05-22T00:00:00
db:	NVD	id:	CVE-2017-18370	date:	2024-11-21T03:19:57.207

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-109486	date:	2019-05-02T00:00:00
db:	JVNDB	id:	JVNDB-2017-014437	date:	2019-05-24T00:00:00
db:	CNNVD	id:	CNNVD-201905-075	date:	2019-05-02T00:00:00
db:	NVD	id:	CVE-2017-18370	date:	2019-05-02T17:29:00.880