| Summary | Global buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to write shellcode at any address in the heap; this can be used to execute arbitrary code on the router by hosting a crafted device description XML document at a URL specified within a Location header in an SSDP response. |
|---|---|
| Publication Date | July 17, 2017, 10:18 p.m. |
| Registration Date | Jan. 26, 2021, 1:12 p.m. |
| Last Update | Nov. 21, 2024, 12:07 p.m. |
| CVSS3.0 : HIGH | |
| スコア | 7.8 |
|---|---|
| Vector | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 攻撃元区分(AV) | ローカル |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃に必要な特権レベル(PR) | 不要 |
| 利用者の関与(UI) | 要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| CVSS2.0 : HIGH | |
| Score | 9.3 |
|---|---|
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 中 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| Get all privileges. | いいえ |
| Get user privileges | いいえ |
| Get other privileges | いいえ |
| User operation required | はい |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac66u:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7485 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac58u:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:* | ||||
| Configuration10 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac55u:-:*:*:*:*:*:*:* | ||||
| Configuration11 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.4180 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac52u:-:*:*:*:*:*:*:* | ||||
| Configuration12 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac51u:-:*:*:*:*:*:*:* | ||||
| Configuration13 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n18u:-:*:*:*:*:*:*:* | ||||
| Configuration14 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n66u:-:*:*:*:*:*:*:* | ||||
| Configuration15 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.378.7177 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n56u:-:*:*:*:*:*:*:* | ||||
| Configuration16 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac3200:-:*:*:*:*:*:*:* | ||||
| Configuration17 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7743 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac3100:-:*:*:*:*:*:*:* | ||||
| Configuration18 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.5577 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt_ac1200gu:-:*:*:*:*:*:*:* | ||||
| Configuration19 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.3167 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt_ac1200g:-:*:*:*:*:*:*:* | ||||
| Configuration20 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.9880 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac1200:-:*:*:*:*:*:*:* | ||||
| Configuration21 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.9883 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-ac53:-:*:*:*:*:*:*:* | ||||
| Configuration22 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.2943 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n12hp:-:*:*:*:*:*:*:* | ||||
| Configuration23 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.3479 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n12hp_b1:-:*:*:*:*:*:*:* | ||||
| Configuration24 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n12d1:-:*:*:*:*:*:*:* | ||||
| Configuration25 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n12\+_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n12\+:-:*:*:*:*:*:*:* | ||||
| Configuration26 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt_n12\+_pro_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.9880 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt_n12\+_pro:-:*:*:*:*:*:*:* | ||||
| Configuration27 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n16:-:*:*:*:*:*:*:* | ||||
| Configuration28 | or higher | or less | more than | less than | |
| cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:* | 3.0.0.4.380.7378 | ||||
| execution environment | |||||
| 1 | cpe:2.3:h:asuswrt-merlin_project:rt-n300:-:*:*:*:*:*:*:* | ||||
| Title | 複数の ASUS デバイス用 Asuswrt-Merlin ファームウェアおよび ASUS ファームウェアのネットワークマップにおけるグローバルバッファオーバーフローの脆弱性 |
|---|---|
| Summary | 複数の ASUS デバイス用 Asuswrt-Merlin ファームウェアおよび ASUS ファームウェアのネットワークマップには、グローバルバッファオーバーフローの脆弱性が存在します。 |
| Possible impacts | リモートの攻撃者により、ヒープ内の任意のアドレスにシェルコードを書き込まれ、ルータ上で任意のコードを実行される可能性があります。 |
| Solution | ベンダ情報および参考情報を参照して適切な対策を実施してください。 |
| Publication Date | July 14, 2017, midnight |
| Registration Date | Aug. 14, 2017, 7:05 p.m. |
| Last Update | Aug. 14, 2017, 7:05 p.m. |
| Asuswrt-Merlin firmware project |
| RT AC1200G ファームウェア |
| RT AC1200GU ファームウェア |
| RT AC1900P ファームウェア |
| RT N12+ PRO ファームウェア |
| RT-AC1200 ファームウェア |
| RT-AC3100 ファームウェア |
| RT-AC3200 ファームウェア |
| RT-AC51U ファームウェア |
| RT-AC52U ファームウェア |
| RT-AC53 ファームウェア |
| RT-AC5300 ファームウェア |
| RT-AC55U ファームウェア |
| RT-AC56U ファームウェア |
| RT-AC58U ファームウェア |
| RT-AC66U B1 ファームウェア |
| RT-AC66U ファームウェア |
| RT-AC68P ファームウェア |
| RT-AC68U ファームウェア |
| RT-AC88U ファームウェア |
| RT-N12+ ファームウェア |
| RT-N12D1 ファームウェア |
| RT-N12HP B1 ファームウェア |
| RT-N12HP ファームウェア |
| RT-N16 ファームウェア |
| RT-N18U ファームウェア |
| RT-N300 ファームウェア |
| RT-N56U ファームウェア |
| RT-N66U ファームウェア |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2017年08月14日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |