CVE-2018-18319
CVSS v3.0 Base Score: 9.8 (Critical)
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability subscore: 3.9 / Impact subscore: 5.9
Source: NVD
Description
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution. The vector above scores the issue as reachable over the network with no authentication or user interaction (AV:N/PR:N/UI:N); in practice the exposure depends on whether api.php is reachable from beyond the trusted intranet the vendor assumes.
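As an added example, not taken from NVD or the Merlin.PHP project, the script below scans web-server access logs for requests matching the command-execution pattern demonstrated in the description (a GET to api.php with function=command and a Cc parameter) and flags which of them came from outside the intranet the vendor assumes. The log lines are constructed; the combined log format, the treatment of RFC 1918 and loopback ranges as "intranet", and the exact parameter names (function, class, Cc) are assumptions taken only from the demonstrated URI, not from the component's source.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (combined log format). Not real traffic.
SAMPLE_LOG = """\
10.0.0.7 - - [12/Oct/2018:14:02:11 +0000] "GET /6/api.php?function=command&class=remote&Cc='ls' HTTP/1.1" 200 512 "-" "curl/7.61.0"
198.51.100.23 - - [12/Oct/2018:14:03:40 +0000] "GET /6/api.php?function=command&class=remote&Cc=%27cat%20/etc/passwd%27 HTTP/1.1" 200 2048 "-" "python-requests/2.19.1"
10.0.0.7 - - [12/Oct/2018:14:04:02 +0000] "GET /6/api.php?function=status&class=system HTTP/1.1" 200 300 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Oct/2018:14:05:15 +0000] "GET /index.php HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumption: these ranges are what "trusted intranet" means for this check.
INTRANET_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")
]


def is_intranet(ip: str) -> bool:
    """True when the client address falls inside one of the assumed intranet ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTRANET_NETS)


def classify_request(target: str):
    """Return (is_command_call, cls, command) for a request target.

    A request is a command call when its path ends in /api.php and its
    query carries function=command; Cc holds the command string exactly as
    the client sent it (percent-decoded, quotes preserved).
    """
    parts = urlsplit(target)
    if not parts.path.endswith("/api.php"):
        return False, None, None
    q = parse_qs(parts.query)
    if q.get("function", [None])[0] != "command":
        return False, None, None
    cls = q.get("class", [None])[0]
    cmd = q.get("Cc", [None])[0]
    return True, cls, cmd


def scan_log(text: str):
    """Return one finding per command call, marking calls from outside the intranet."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        is_cmd, cls, cmd = classify_request(m["target"])
        if not is_cmd:
            continue
        findings.append({
            "ip": m["ip"],
            "timestamp": m["ts"],
            "class": cls,
            "command": cmd,
            "status": int(m["status"]),
            "from_outside": not is_intranet(m["ip"]),
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        where = "OUTSIDE" if f["from_outside"] else "intranet"
        print(f'{f["timestamp"]} {f["ip"]:>15} [{where}] class={f["class"]} Cc={f["command"]!r} status={f["status"]}')
```

The detector keys on the endpoint and the function=command parameter rather than on a specific command string, so variations such as the percent-encoded second line are caught; the HTTP status is kept in the finding because a 200 on a command call is the case that most needs follow-up.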
Affected (14)
Products: Asuswrt Merlin Project: Rt Ac5300 Firmware, Rt Ac1900p Firmware, Rt Ac68u Firmware, Rt Ac68p Firmware, Rt Ac88u Firmware, Rt Ac66u B1 Firmware, Rt Ac56u Firmware, Rt Ac3200 Firmware, Rt Ac68uf Firmware, Rt Ac87 Firmware, Rt Ac3100 Firmware, Rt Ac1900 Firmware, Rt Ac86u Firmware, Rt Ac2900 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac5300 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac5300 | All versions |

Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac1900p Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac1900p | All versions |

Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac68u Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac68u | All versions |

Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac68p Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac68p | All versions |

Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac88u Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac88u | All versions |

Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac66u B1 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac66u B1 | All versions |

Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac56u Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac56u | All versions |

Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac3200 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac3200 | All versions |

Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac68uf Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac68uf | All versions |

Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac87 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac87 | All versions |

Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac3100 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac3100 | All versions |

Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac1900 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac1900 | All versions |

Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac86u Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac86u | All versions |

Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac2900 Firmware | Up to 380.70 |

| Running on/with | Platform Versions |
|---|---|
| Asuswrt Merlin Project Rt Ac2900 | All versions |
References (4)
Source: af854a3a-2127-422b-91ae-364da2661108
Tags: Exploit, Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Tags: Exploit, Third Party Advisory
Timeline
No history available yet.