메뉴 건너뛰기

XEDITION

cve

CVE-2018-6000

관리자 2018.01.25 04:00 조회 수 : 2

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6000
번호 제목 글쓴이 날짜 조회 수
512 CVE-2017-16600 관리자 2018.01.25 0
511 CVE-2017-16602 관리자 2018.01.25 0
510 CVE-2017-16603 관리자 2018.01.25 0
509 CVE-2018-6014 관리자 2018.01.25 0
508 CVE-2018-6013 관리자 2018.01.25 0
507 CVE-2017-1000416 관리자 2018.01.25 0
506 CVE-2018-0849 관리자 2018.01.25 0
505 CVE-2018-0862 관리자 2018.01.25 1
504 CVE-2018-0845 관리자 2018.01.25 2
503 CVE-2017-1000417 관리자 2018.01.25 0
502 CVE-2018-0848 관리자 2018.01.25 2
501 CVE-2018-6009 관리자 2018.01.25 0
500 CVE-2018-6010 관리자 2018.01.25 0
» CVE-2018-6000 관리자 2018.01.25 2
498 CVE-2018-5999 관리자 2018.01.25 1
위로