ID

VAR-201804-1341


CVE

CVE-2018-9285


TITLE

plural ASUS In product OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004344

DESCRIPTION

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable. plural ASUS The product includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUS RT-AC66U, etc. are all wireless router products of ASUS. Attackers can use the percent and desktOP fields of the System Cmd variable to inject this vulnerability and execute operating system commands with higher authority. The following products and versions are affected: ASUS RT-AC66U ; RT-AC68U ; RT-AC86U ; RT-AC88U ; RT-AC1900 ; RT-AC2900 ; RT-AC3100 equipment 3.0.0.4.384_10007 Previous version RT-N18U 3.0.0.4.382.39935 Previous version RT-AC87U with RT-AC3200 3.0.0.4.382.50010 Previous version RT-AC5300 3.0.0.4.384.20287 Previous version

Trust: 2.34

sources: NVD: CVE-2018-9285 // JVNDB: JVNDB-2018-004344 // CNVD: CNVD-2020-63980 // VULHUB: VH-CVE-2018-9285 // VULMON: CVE-2018-9285

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-63980

AFFECTED PRODUCTS

vendor:asusmodel:rt-n18uscope:ltversion:3.0.0.4.382.39935

Trust: 1.6

vendor:asusmodel:rt-ac87uscope:ltversion:3.0.0.4.382.50010

Trust: 1.6

vendor:asusmodel:rt-ac3200scope:ltversion:3.0.0.4.382.50010

Trust: 1.6

vendor:asusmodel:rt-ac5300scope:ltversion:3.0.0.4.384.20287

Trust: 1.6

vendor:asusmodel:rt-ac1900scope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asusmodel:rt-ac3100scope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asusmodel:rt-ac66uscope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asusmodel:rt-ac68uscope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asusmodel:rt-ac86uscope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asusmodel:rt-ac2900scope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asusmodel:rt-ac88uscope:ltversion:3.0.0.4.384.10007

Trust: 1.0

vendor:asustek computermodel:rt-ac1900scope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac2900scope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac3100scope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac3200scope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac5300scope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac66uscope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac68uscope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac86uscope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac87uscope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-ac88uscope: - version: -

Trust: 0.8

vendor:asustek computermodel:rt-n18uscope: - version: -

Trust: 0.8

vendor:asusmodel:rt-ac68uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac66uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac88uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac86uscope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac1900scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac2900scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac3100 <3.0.0.4.384 10007scope: - version: -

Trust: 0.6

vendor:asusmodel:rt-ac66uscope:eqversion:3.0.0.4.246

Trust: 0.6

vendor:asusmodel:rt-ac66uscope:eqversion:3.0.0.4.354

Trust: 0.6

vendor:asusmodel:rt-ac66uscope:eqversion:3.0.0.4.260

Trust: 0.6

vendor:asusmodel:rt-ac68uscope:eqversion:3.0.0.4.374.5047

Trust: 0.6

vendor:asusmodel:rt-ac68uscope:eqversion:3.0.0.4.374_4887

Trust: 0.6

vendor:asusmodel:rt-ac66uscope:eqversion:3.0.0.4.140

Trust: 0.6

vendor:asusmodel:rt-ac68uscope:eqversion:3.0.0.4.374.4755

Trust: 0.6

vendor:asusmodel:rt-ac66uscope:eqversion:3.0.0.4.220

Trust: 0.6

vendor:asusmodel:rt-ac66uscope:eqversion:3.0.0.4.270

Trust: 0.6

vendor:asusmodel:rt-ac68uscope:eqversion:3.0.0.4.374_4561

Trust: 0.6

sources: CNVD: CNVD-2020-63980 // JVNDB: JVNDB-2018-004344 // CNNVD: CNNVD-201804-298 // NVD: CVE-2018-9285

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2018-9285
value: CRITICAL

Trust: 1.8

CNVD: CNVD-2020-63980
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201804-298
value: CRITICAL

Trust: 0.6

VUL-HUB: VH-CVE-2018-9285
value: HIGH RISK

Trust: 0.1

VULMON: CVE-2018-9285
value: HIGH

Trust: 0.1

VULMON: CVE-2018-9285
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2020-63980
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VH-CVE-2018-9285
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD: CVE-2018-9285
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 1.8

sources: VULHUB: VH-CVE-2018-9285 // CNVD: CNVD-2020-63980 // VULMON: CVE-2018-9285 // JVNDB: JVNDB-2018-004344 // CNNVD: CNNVD-201804-298 // NVD: CVE-2018-9285

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VH-CVE-2018-9285 // JVNDB: JVNDB-2018-004344 // NVD: CVE-2018-9285

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-298

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201804-298

CONFIGURATIONS

sources: NVD: CVE-2018-9285

EXPLOIT AVAILABILITY

sources: VULHUB: VH-CVE-2018-9285

PATCH

title:Top Pageurl:https://www.asus.com/sg/

Trust: 0.8

title:Patch for ASUS TM-AC1900 arbitrary command execution vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/240217

Trust: 0.6

title:Multiple ASUS Product operating system command injection vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83120

Trust: 0.6

sources: CNVD: CNVD-2020-63980 // JVNDB: JVNDB-2018-004344 // CNNVD: CNNVD-201804-298

EXTERNAL IDS

db:NVDid:CVE-2018-9285

Trust: 3.2

db:PACKETSTORMid:160049

Trust: 2.3

db:JVNDBid:JVNDB-2018-004344

Trust: 0.8

db:CNVDid:CNVD-2020-63980

Trust: 0.7

db:CNNVDid:CNNVD-201804-298

Trust: 0.7

db:CXSECURITYid:WLB-2020110103

Trust: 0.6

db:VULHUBid:VH-CVE-2018-9285

Trust: 0.1

db:VULMONid:CVE-2018-9285

Trust: 0.1

sources: VULHUB: VH-CVE-2018-9285 // CNVD: CNVD-2020-63980 // VULMON: CVE-2018-9285 // JVNDB: JVNDB-2018-004344 // CNNVD: CNNVD-201804-298 // NVD: CVE-2018-9285

REFERENCES

url:https://packetstormsecurity.com/files/160049/asus-tm-ac1900-arbitrary-command-execution.html;

Trust: 3.0

url:https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html

Trust: 2.5

url:https://fortiguard.com/zeroday/fg-vd-17-216

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9285

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-9285

Trust: 0.8

url:https://cxsecurity.com/issue/wlb-2020110103

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/78.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2020-63980 // VULMON: CVE-2018-9285 // JVNDB: JVNDB-2018-004344 // CNNVD: CNNVD-201804-298 // NVD: CVE-2018-9285

CREDITS

b1ack0wl

Trust: 0.6

sources: CNNVD: CNNVD-201804-298

SOURCES

db:VULHUBid:VH-CVE-2018-9285
db:CNVDid:CNVD-2020-63980
db:VULMONid:CVE-2018-9285
db:JVNDBid:JVNDB-2018-004344
db:CNNVDid:CNNVD-201804-298
db:NVDid:CVE-2018-9285

LAST UPDATE DATE

2022-05-04T09:29:09.062000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VH-CVE-2018-9285date:2018-05-22T00:00:00
db:CNVDid:CNVD-2020-63980date:2020-11-18T00:00:00
db:VULMONid:CVE-2018-9285date:2020-11-13T00:00:00
db:JVNDBid:JVNDB-2018-004344date:2018-06-18T00:00:00
db:CNNVDid:CNNVD-201804-298date:2020-11-16T00:00:00
db:NVDid:CVE-2018-9285date:2020-11-13T18:15:00

SOURCES RELEASE DATE

db:VULHUBid:VH-CVE-2018-9285date:2018-04-04T00:00:00
db:CNVDid:CNVD-2020-63980date:2020-11-18T00:00:00
db:VULMONid:CVE-2018-9285date:2018-04-04T00:00:00
db:JVNDBid:JVNDB-2018-004344date:2018-06-18T00:00:00
db:CNNVDid:CNNVD-201804-298date:2018-04-04T00:00:00
db:NVDid:CVE-2018-9285date:2018-04-04T19:29:00