CVE-2018-20334 - Vulnerability Details

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.03696.

Key SSVC decision points have not yet been added.

Vendors	Products
Asus	Asuswrt Gt-ac2900 Gt-ac5300 Gt-ax11000 Rt-ac1200 Rt-ac1200 V2 Rt-ac1200g Rt-ac1200ge Rt-ac1750 Rt-ac1750 B1 Rt-ac1900p Rt-ac3100 Rt-ac3200 Rt-ac51u Rt-ac5300 Rt-ac55u Rt-ac56r Rt-ac56s Rt-ac56u Rt-ac66r Rt-ac66u Rt-ac66u-b1 Rt-ac66u B1 Rt-ac68p Rt-ac68u Rt-ac86u Rt-ac87u Rt-ac88u Rt-acrh12 Rt-acrh13 Rt-ax3000 Rt-ax56u Rt-ax58u Rt-ax88u Rt-ax92u Rt-g32 Rt-n10\+d1 Rt-n10e Rt-n14u Rt-n16 Rt-n19 Rt-n56r Rt-n56u Rt-n600 Rt-n65u Rt-n66r Rt-n66u

Configuration 1 [-]

AND

cpe:2.3:o:asus:asuswrt:3.0.0.4.384.20308:*:*:*:*:*:*:*

OR	cpe:2.3:h:asus:gt-ac2900:-:::::::*
	cpe:2.3:h:asus:gt-ac5300:-:::::::*
	cpe:2.3:h:asus:gt-ax11000:-:::::::*
	cpe:2.3:h:asus:rt-ac1200:-:::::::*
	cpe:2.3:h:asus:rt-ac1200_v2:-:::::::*
	cpe:2.3:h:asus:rt-ac1200g:-:::::::*
	cpe:2.3:h:asus:rt-ac1200ge:-:::::::*
	cpe:2.3:h:asus:rt-ac1750:-:::::::*
	cpe:2.3:h:asus:rt-ac1750_b1:-:::::::*
	cpe:2.3:h:asus:rt-ac1900p:-:::::::*
	cpe:2.3:h:asus:rt-ac3100:-:::::::*
	cpe:2.3:h:asus:rt-ac3200:-:::::::*
	cpe:2.3:h:asus:rt-ac51u:-:::::::*
	cpe:2.3:h:asus:rt-ac5300:-:::::::*
	cpe:2.3:h:asus:rt-ac55u:-:::::::*
	cpe:2.3:h:asus:rt-ac56r:-:::::::*
	cpe:2.3:h:asus:rt-ac56s:-:::::::*
	cpe:2.3:h:asus:rt-ac56u:-:::::::*
	cpe:2.3:h:asus:rt-ac66r:-:::::::*
	cpe:2.3:h:asus:rt-ac66u:-:::::::*
	cpe:2.3:h:asus:rt-ac66u-b1:-:::::::*
	cpe:2.3:h:asus:rt-ac66u_b1:-:::::::*
	cpe:2.3:h:asus:rt-ac68p:-:::::::*
	cpe:2.3:h:asus:rt-ac68u:-:::::::*
	cpe:2.3:h:asus:rt-ac86u:-:::::::*
	cpe:2.3:h:asus:rt-ac87u:-:::::::*
	cpe:2.3:h:asus:rt-ac88u:-:::::::*
	cpe:2.3:h:asus:rt-acrh12:-:::::::*
	cpe:2.3:h:asus:rt-acrh13:-:::::::*
	cpe:2.3:h:asus:rt-ax3000:-:::::::*
	cpe:2.3:h:asus:rt-ax56u:-:::::::*
	cpe:2.3:h:asus:rt-ax58u:-:::::::*
	cpe:2.3:h:asus:rt-ax88u:-:::::::*
	cpe:2.3:h:asus:rt-ax92u:-:::::::*
	cpe:2.3:h:asus:rt-g32:-:::::::*
	cpe:2.3:h:asus:rt-n10\+d1:-:::::::*
	cpe:2.3:h:asus:rt-n10e:-:::::::*
	cpe:2.3:h:asus:rt-n14u:-:::::::*
	cpe:2.3:h:asus:rt-n16:-:::::::*
	cpe:2.3:h:asus:rt-n19:-:::::::*
	cpe:2.3:h:asus:rt-n56r:-:::::::*
	cpe:2.3:h:asus:rt-n56u:-:::::::*
	cpe:2.3:h:asus:rt-n600:-:::::::*
	cpe:2.3:h:asus:rt-n65u:-:::::::*
	cpe:2.3:h:asus:rt-n66r:-:::::::*
	cpe:2.3:h:asus:rt-n66u:-:::::::*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2018-12892	An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://starlabs.sg/advisories/18-20334/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-20T00:11:06

Updated: 2024-08-05T11:58:18.926Z

Reserved: 2018-12-21T00:00:00

Link: CVE-2018-20334

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-03-20T01:15:22.357

Modified: 2024-11-21T04:01:15.487

Link: CVE-2018-20334

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object