Main Vulnerability Database SB2023062012

SB2023062012 - Multiple vulnerabilities in ASUS Routers

Published: June 20, 2023

Security Bulletin ID SB2023062012

Severity

High

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) OS Command Injection (CVE-ID: CVE-2023-28702)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Buffer overflow (CVE-ID: CVE-2022-46871)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in libusrsctp. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Out-of-bounds write (CVE-ID: CVE-2018-1160)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in dsi_opensess.c. A remote attacker can trigger an out-of-bounds write and crash the affected application or execute arbitrary code on the target system.

4) Out-of-bounds write (CVE-ID: CVE-2022-26376)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in the httpd unescape functionality. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

5) Stack-based buffer overflow (CVE-ID: CVE-2023-28703)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the cgi function. A remote administrator can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

Vulnerable Software

TUF-AX5400: before 3.0.0.4.388.23285
TUF-AX6000: before 3.0.0.4.388.31927
RT-AX58U: before 3.0.0.4.388.23403
RT-AX82U: before 3.0.0.4.388.23285
RT-AX86S: before 3.0.0.4.388.23285
RT-AX86U: before 3.0.0.4.388.23285
RT-AX86U PRO: before 3.0.0.4.388.23285
ZenWiFi XT8_V2: before 3.0.0.4.388.23285
ZenWiFi XT8: before 3.0.0.4.388.23285
ZenWiFi XT9: before 3.0.0.4.388.23285
GS-AX3000: before 1.4.8.3
GS-AX5400: before 3.0.0.4.388.23012
GT-AX11000: before 3.0.0.4.388.23285
GT-AX6000: before 3.0.0.4.388.23285
GT-AXE11000: before 3.0.0.4.388.23482
GT-AXE11000 PRO: before 3.0.0.4.388.23285
GT-AXE16000: before 3.0.0.4.388.23012
GT6: before 3.0.0.4.388.23145
RT-AX3000: before 3.0.0.4.388.23403