An issue exists in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
asuswrt-merlin_project rt-ac5300_firmware |
||
asuswrt-merlin_project rt_ac1900p_firmware |
||
asuswrt-merlin_project rt-ac68u_firmware |
||
asuswrt-merlin_project rt-ac68p_firmware |
||
asuswrt-merlin_project rt-ac88u_firmware |
||
asuswrt-merlin_project rt-ac66u_b1_firmware |
||
asuswrt-merlin_project rt-ac56u_firmware |
||
asuswrt-merlin_project rt-ac3200_firmware |
||
asuswrt-merlin_project rt-ac68uf_firmware |
||
asuswrt-merlin_project rt-ac87_firmware |
||
asuswrt-merlin_project rt-ac3100_firmware |
||
asuswrt-merlin_project rt-ac1900_firmware |
||
asuswrt-merlin_project rt-ac86u_firmware |
||
asuswrt-merlin_project rt-ac2900_firmware |
Vulmon