메뉴 건너뛰기

GREATUSER

cve

CVE-2018-6000

관리자 2018.01.25 04:00 조회 수 : 64

An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6000
번호 제목 글쓴이 날짜 조회 수
497 CVE-2018-5968 관리자 2018.01.25 19
496 CVE-2017-13138 (bridge) 관리자 2017.08.27 19
495 CVE-2017-15090 관리자 2018.01.25 18
494 CVE-2017-14118 관리자 2017.09.04 18
493 CVE-2014-9564 관리자 2017.08.27 18
492 CVE-2017-11317 관리자 2017.08.27 17
491 CVE-2018-5958 관리자 2018.01.25 16
490 CVE-2016-3210 관리자 2016.06.17 16
489 CVE-2017-15107 관리자 2018.01.25 15
488 CVE-2018-1000012 관리자 2018.01.25 15
487 CVE-2018-1000015 관리자 2018.01.25 15
486 CVE-2017-12135 관리자 2017.08.27 15
485 CVE-2017-2740 관리자 2018.01.25 14
484 CVE-2017-15105 관리자 2018.01.25 14
483 CVE-2015-1142857 관리자 2018.01.25 14
위로