CVE-2018-6000 — CRITICAL (9.8)

Q: How severe is CVE-2018-6000?

CVE-2018-6000 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2018-6000?

Check the references section above for vendor advisories and patch information. Affected products include: Asus Asuswrt.

Vulnerability Description

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Asus	Asuswrt	< 3.0.0.4.384_10007

Related Weaknesses (CWE)

CWE-862

References

https://blogs.securiteam.com/index.php/archives/3589ExploitTechnical DescriptionThird Party Advisory
https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txtExploitThird Party Advisory
https://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_ExploitThird Party Advisory
https://www.exploit-db.com/exploits/43881/ExploitThird Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/44176/
https://blogs.securiteam.com/index.php/archives/3589ExploitTechnical DescriptionThird Party Advisory
https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txtExploitThird Party Advisory
https://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_ExploitThird Party Advisory
https://www.exploit-db.com/exploits/43881/ExploitThird Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/44176/

FAQ

What is CVE-2018-6000?

CVE-2018-6000 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which ...

How severe is CVE-2018-6000?

CVE-2018-6000 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-6000?

Check the references section above for vendor advisories and patch information. Affected products include: Asus Asuswrt.