关联漏洞
标题:
ASUS WiFi routers 操作系统命令注入漏洞
(CVE-2024-1655)
描述:ASUS WiFi routers是中国华硕(ASUS)公司的一系列路由器。 ASUS WiFi routers存在操作系统命令注入漏洞,该漏洞源于存在操作系统命令注入漏洞。攻击者可利用该漏洞执行任意代码。受影响的产品和版本:ASUS ExpertWiFi EBM63 3.0.0.6.102_32645之前版本,ExpertWiFi EBM68 3.0.0.6.102_44384之前版本,RT-AX57 Go 3.0.0.6.102_22188之前版本。
介绍
# CVE-2024-1655
## Description
ASUS ExpertWiFi EBM63, EBM68, and RT-AX57 Go firmwares before the 12-04-2024 patch contain a command injection vulnerability in splash_page_SDN.cgi function. When an attacker sends a specially crafted request, they can achieve arbitrary code execution.
references:
* [Official report](https://www.twcert.org.tw/tw/cp-132-7737-1acd0-1.html)
## Usage
The vulnerability is an authenticated RCE, users of this script are required to first retrieve the login token (value of asus_token from the cookie header) of the target.
```console
$ python3 CVE-2024-1655.py --host <TARGET_HOST> --token <ASUS_TOKEN> <COMMAND>
```
Example: Creating a file in the tmp directory
```console
$ python3 CVE-2024-1655.py --host http://192.168.1.1:8080 --token pEnRts37WwOZT1qwwJjhRWFhfBLBmNQ "echo pwned > /tmp/pwn.txt"
```
## Disclaimer
The author created this software for the sole purposes of academic research and aiding in understanding associated security risks. In addition, this software is not intended to be used to attack systems except where explicitly authorized. Project maintainers are not responsible or liable for misuse of the software. Responsible usage is advised.
文件快照
[4.0K] /data/pocs/a710821cfd4f781bb0f16c4567b78b65451240e0
├── [1.4K] CVE-2024-1655.py
└── [1.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。