Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-9583 — WRT Firmware vulnerability

CWE-2647 documents6 sources

Severity

10.0CRITICALNVD

EPSS

91.0%

top 0.36%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Asus WRT Firmware T-mobile Tm-ac1900

Timeline

PublishedJan 8

Latest updateMay 14

Description

common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDasus/wrt_firmware3.0.0.4.376.2524-g0012f52, 3.0.0.4.376_1071+1

▶NVDt-mobile/tm-ac19003.0.0.4.376_3169

🔴Vulnerability Details

GHSA

GHSA-hv57-64g7-457f: common↗2022-05-14

▶

CVEList

CVE-2014-9583: common↗2015-01-08

▶

VulnCheck

ASUS WRT firmware common.c in infosvr Remote Code Execution↗2014

▶

💥Exploits & PoCs

Exploit-DB

ASUS infosvr - Authentication Bypass Command Execution (Metasploit)↗2018-04-24

▶

Exploit-DB

ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution↗2015-01-04

▶

🕵️Threat Intelligence

Fortinet

TheMoon - A P2P botnet targeting Home Routers↗2016-10-20

▶