CVE-2018-10987 — HIGH (7.5)

Vulnerability Description

An issue was discovered on Dongguan Diqee Diqee360 devices. The affected vacuum cleaner suffers from an authenticated remote code execution vulnerability. An authenticated attacker can send a specially crafted UDP packet, and execute commands on the vacuum cleaner as root. The bug is in the function REQUEST_SET_WIFIPASSWD (UDP command 153). A crafted UDP packet runs "/mnt/skyeye/mode_switch.sh %s" with an attacker controlling the %s variable. In some cases, authentication can be achieved with the default password of 888888 for the admin account.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Diqee	Diqee360 Firmware	-
Diqee	Diqee360	-

Related Weaknesses (CWE)

CWE-78

References

https://gist.github.com/neolead/10b27c5c04bca84a5515783ca6f2ecb4#file-cve-2018-1Third Party Advisory
https://gist.github.com/neolead/10b27c5c04bca84a5515783ca6f2ecb4#file-cve-2018-1Third Party Advisory

FAQ

What is CVE-2018-10987?

CVE-2018-10987 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered on Dongguan Diqee Diqee360 devices. The affected vacuum cleaner suffers from an authenticated remote code execution vulnerability. An authenticated attacker can send a speciall...

How severe is CVE-2018-10987?

CVE-2018-10987 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-10987?

Check the references section above for vendor advisories and patch information. Affected products include: Diqee Diqee360 Firmware, Diqee Diqee360.