Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ASUS WRT infosvr 权限许可和访问控制漏洞
Vulnerability Description
ASUS WRT是华硕(ASUS)公司的一个路由器固件。 RT-AC66U、RT-N66U等多款路由器中使用的ASUS WRT的infosvr中的common.c文件中存在安全漏洞,该漏洞源于程序没有正确检查请求的MAC地址。远程攻击者可通过向UDP 9999端口发送NET_CMD_ID_MANU_CMD数据包利用该漏洞绕过身份验证,执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A