A vulnerability was found in ASUS ASMB8 iKVM Firmware version 1.14.51 and potentially in other versions. By leveraging SNMP arbitrary extensions, an attacker can execute commands on the system with root privileges and bypass SSH restrictions to introduce a new user.
A vulnerability was found in ASUS ASMB8 iKVM firmware version 1.14.51 and possibly others, allowing for Remote Code Execution (RCE) via SNMP arbitrary extensions. By exploiting this vulnerability, an attacker can run commands on the system with root privileges and introduce a new user to bypass SSH restrictions. Additionally, a hardcoded account 'sysadmin:superuser' was discovered. The vulnerability is identified as CVE-2023-26602.
Asus VideoSecurity Online is prone to a buffer overflow in the authentication mechanism of the included Web server. This issue only exists if authentication is enabled on the Web server.
The HTTP server in AsusWRT allows an unauthenticated client to perform a POST request, which can be combined with a vulnerability in the VPN configuration upload routine to enable a special command mode. This command mode can then be abused to execute commands as root by sending a UDP packet to infosvr on port UDP 9999. This exploit leverages that to start telnetd in a random port and connect to it. It has been tested with the RT-AC68U running AsusWRT Version 3.0.0.4.380.7743.
This module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root.This module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shell.This module was tested successfully on an ASUS RT-N12E with firmware version 2.0.0.35.Numerous ASUS models are reportedly affected, but untested.
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
The application suffers from an unquoted service path issue impacting the service 'ASUS HM Com Service (aaHMSvc.exe)' related to the Asus Motherboard Utilities. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with system privileges.
If an attacker had already compromised the system and the current user has the privileges to write in the 'C:Program Files (x86)ASUS' folder or in 'C:', he could place his own 'Program.exe' or 'GameSDK.exe' files respectively, and when the service starts, it would launch the malicious file, rather than the original 'GameSDK.exe'.
Services By CQR