CVE-2018-8826

CWE-20Improper Input Validation3 documents3 sources
Severity
9.8CRITICAL
EPSS
5.5%
top 9.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
Asus Rt-ac1200 FirmwareAsus Rt-ac1750 FirmwareAsus Rt-ac2900 Firmware+10 more
Timeline
PublishedApr 20
Latest updateMay 14

Description

ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages13 packages

NVDasus/rt-ac55uhp_firmware3.0.0.4.382.50276
NVDasus/rt-n600_firmware3.0.0.4.380.10446
NVDasus/rt-ac51u_firmware3.0.0.4.380.8228
NVDasus/rt-ac55u_firmware3.0.0.4.382.50276
NVDasus/rt-ac58u_firmware3.0.0.4.380.8228

🔴Vulnerability Details

2
GHSA
GHSA-87g7-g8rw-gjv7: ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 32022-05-14
CVEList
CVE-2018-8826: ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 32018-04-20
CVE-2018-8826 (CRITICAL CVSS 9.8) | ASUS RT-AC51U | cvebase.io