#VU77536 OS Command Injection in Asus products - CVE-2023-28702


Vulnerability identifier: #VU77536

Vulnerability risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-28702

CWE-ID: CWE-78

Exploitation vector: Network

Exploit availability: No

Vulnerable software (category for all products: Hardware solutions / Routers & switches, VoIP, GSM, etc):
GT6
GT-AXE16000
GT-AXE11000 PRO
GT-AXE11000
GT-AX6000
GT-AX11000
GS-AX5400
GS-AX3000
ZenWiFi XT9
ZenWiFi XT8
ZenWiFi XT8_V2
RT-AX86U PRO
RT-AX86U
RT-AX86S
RT-AX82U
RT-AX58U
RT-AX3000
TUF-AX6000
TUF-AX5400

Vendor: Asus

Description

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

GT6: before 3.0.0.4.388.23145

GT-AXE16000: before 3.0.0.4.388.23012

GT-AXE11000 PRO: before 3.0.0.4.388.23285

GT-AXE11000: before 3.0.0.4.388.23482

GT-AX6000: before 3.0.0.4.388.23285

GT-AX11000: before 3.0.0.4.388.23285

GS-AX5400: before 3.0.0.4.388.23012

GS-AX3000: before 1.4.8.3

ZenWiFi XT9: before 3.0.0.4.388.23285

ZenWiFi XT8: before 3.0.0.4.388.23285

ZenWiFi XT8_V2: before 3.0.0.4.388.23285

RT-AX86U PRO: before 3.0.0.4.388.23285

RT-AX86U: before 3.0.0.4.388.23285

RT-AX86S: before 3.0.0.4.388.23285

RT-AX82U: before 3.0.0.4.388.23285

RT-AX58U: before 3.0.0.4.388.23403

RT-AX3000: before 3.0.0.4.388.23403

TUF-AX6000: before 3.0.0.4.388.31927

TUF-AX5400: before 3.0.0.4.388.23285


External links
https://www.twcert.org.tw/tw/cp-132-7146-ef92a-1.html
https://www.asus.com/content/asus-product-security-advisory/#06/19/2023
https://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230620


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

