CVE-2023-26602
published 2023-02-26CVE-2023-26602: ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| asus | asmb8-ikvm_firmware | <= 1.14.51 | — |