Published: 09/03/2017 Updated: 16/08/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware prior to 3.0.0.4.380.7378; RT-AC68W routers with firmware prior to 3.0.0.4.380.7266; and RT-N600, RT-N12+ B1, RT-N11P B1, RT-N12VP B1, RT-N12E C1, RT-N300 B1, and RT-N12+ Pro routers with firmware prior to 3.0.0.4.380.9488; and Asuswrt-Merlin firmware prior to 380.65_2 allow remote malicious users to execute arbitrary code on the router via a long host or port in crafted multicast messages.

Vulnerable Product	Search on Vulmon	Subscribe to Product
asus rt-ac53_firmware 3.0.0.4.380.6038

Remote Code Execution Component: networkmap CVE: CVE-2017-6548 networkmap is responsible for generating a map of computers connected to the router It continuously monitors the LAN to detect ARP requests submitted by unknown computers When a new MAC address appears it will probe the related IP address for running services like printer sharing, ...

CWE-119 https://bierbaumer.net/security/asuswrt/#remote-code-execution http://www.securityfocus.com/bid/96938 https://asuswrt.lostrealm.ca/changelog https://www.exploit-db.com/exploits/41573/https://nvd.nist.gov https://www.exploit-db.com/exploits/41573/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6548

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect