Lucene search
MitreCVELIST:CVE-2018-6000HistoryJan 22, 2018 - 8:00 p.m.
CVE-2018-6000
2018-01-2220:00:00
mitre
www.cve.org
1
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
Related
nvd
nvd
CVE-2018-6000
2018-01-22 20:29:00
CVE-2018-5999
2018-01-22 20:29:00
zdt
zdt
AsusWRT LAN Unauthenticated Remote Code Execution Exploit
2018-02-23 00:00:00
cve
cve
CVE-2018-6000
2018-01-22 20:29:00
CVE-2018-5999
2018-01-22 20:29:00
prion
prion
Command injection
2018-01-22 20:29:00
Authentication flaw
2018-01-22 20:29:00
packetstorm
packetstorm
AsusWRT LAN Unauthenticated Remote Code Execution
2018-02-23 00:00:00
AsusWRT Router Remote Code Execution
2018-01-26 00:00:00
exploitpack
exploitpack
AsusWRT Router 3.0.0.4.380.7743 - LAN Remote Code Execution
2018-01-22 00:00:00
threatpost
threatpost
pentestit
pentestit
UPDATED VERSION: RouterSploit 3.4.0
2018-10-18 18:13:04
exploitdb
exploitdb
AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
2018-01-22 00:00:00
saint
saint
ASUSWRT vpnupload.cgi authentication bypass
2018-02-28 00:00:00
ASUSWRT vpnupload.cgi authentication bypass
2018-02-28 00:00:00
ASUSWRT vpnupload.cgi authentication bypass
2018-02-28 00:00:00
cvelist
cvelist
CVE-2018-5999
2018-01-22 20:00:00