Lucene search

MitreCVE-2017-18370

HistoryMay 02, 2019 - 5:29 p.m.

CVE-2017-18370

2019-05-0217:29:00

CWE-78

mitre

web.nvd.nist.gov

In Wild

zyxel

p660hn-t1a

tclinux

command injection

vulnerability

log forwarding

cve-2017-18370

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.764

Percentile

98.2%

JSON

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP parameter. Authentication can be achieved by exploiting CVE-2017-18371.

Affected configurations

Nvd

Node

billion5200w-t_firmwareMatch7.3.8.0

AND

billion5200w-tMatch-

Node

zyxelp660hn-t1a_v2_firmwareMatch7.3.37.6

AND

zyxelp660hn-t1a_v2Match-

Node

zyxelp660hn-t1a_v1_firmwareMatch7.3.37.6

AND

zyxelp660hn-t1a_v1Match-

VendorProductVersionCPE
billion5200w-t_firmware7.3.8.0cpe:2.3:o:billion:5200w-t_firmware:7.3.8.0:*:*:*:*:*:*:*
billion5200w-t-cpe:2.3:h:billion:5200w-t:-:*:*:*:*:*:*:*
zyxelp660hn-t1a_v2_firmware7.3.37.6cpe:2.3:o:zyxel:p660hn-t1a_v2_firmware:7.3.37.6:*:*:*:*:*:*:*
zyxelp660hn-t1a_v2-cpe:2.3:h:zyxel:p660hn-t1a_v2:-:*:*:*:*:*:*:*
zyxelp660hn-t1a_v1_firmware7.3.37.6cpe:2.3:o:zyxel:p660hn-t1a_v1_firmware:7.3.37.6:*:*:*:*:*:*:*
zyxelp660hn-t1a_v1-cpe:2.3:h:zyxel:p660hn-t1a_v1:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
billion	5200w-t_firmware	7.3.8.0	cpe:2.3:o:billion:5200w-t_firmware:7.3.8.0:::::::*
billion	5200w-t	-	cpe:2.3:h:billion:5200w-t:-:::::::*
zyxel	p660hn-t1a_v2_firmware	7.3.37.6	cpe:2.3:o:zyxel:p660hn-t1a_v2_firmware:7.3.37.6:::::::*
zyxel	p660hn-t1a_v2	-	cpe:2.3:h:zyxel:p660hn-t1a_v2:-:::::::*
zyxel	p660hn-t1a_v1_firmware	7.3.37.6	cpe:2.3:o:zyxel:p660hn-t1a_v1_firmware:7.3.37.6:::::::*
zyxel	p660hn-t1a_v1	-	cpe:2.3:h:zyxel:p660hn-t1a_v1:-:::::::*

References

www.zyxel.com/support/announcement_unauthenticated.shtml

raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt

seclists.org/fulldisclosure/2017/Jan/40

ssd-disclosure.com/index.php/archives/2910

unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.764

Percentile

98.2%

JSON

Related for CVE-2017-18370