CVE-2014-9583 - Vulnerability Details - OpenCVE

common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Asus	Rt-ac66u Rt-n66u Wrt Firmware
T-mobile	Tm-ac1900

Configuration 1 [-]

cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:::::::*
	cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:::::::*

OR	cpe:2.3:h:asus:rt-ac66u::::::::
	cpe:2.3:h:asus:rt-n66u::::::::

No data.

References

Link	Providers
http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html
http://www.exploit-db.com/exploits/35688
https://github.com/jduck/asus-cmd
https://support.t-mobile.com/docs/DOC-21994
https://www.exploit-db.com/exploits/44524/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-01-08T20:00:00

Updated: 2024-08-06T13:47:41.675Z

Reserved: 2015-01-08T00:00:00

Link: CVE-2014-9583

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-01-08T20:59:02.243

Modified: 2024-11-21T02:21:11.230

Link: CVE-2014-9583

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-30T00:00:00", "descriptions": [{"lang": "en", "value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-26T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "35688", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/35688"}, {"name": "44524", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44524/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jduck/asus-cmd"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9583", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "35688", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/35688"}, {"name": "44524", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44524/"}, {"name": "https://support.t-mobile.com/docs/DOC-21994", "refsource": "CONFIRM", "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"name": "https://github.com/jduck/asus-cmd", "refsource": "MISC", "url": "https://github.com/jduck/asus-cmd"}, {"name": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:47:41.675Z"}, "title": "CVE Program Container", "references": [{"name": "35688", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/35688"}, {"name": "44524", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/44524/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jduck/asus-cmd"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9583", "datePublished": "2015-01-08T20:00:00", "dateReserved": "2015-01-08T00:00:00", "dateUpdated": "2024-08-06T13:47:41.675Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*", "matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:*:*:*:*:*:*:*", "matchCriteriaId": "DBCA7A1C-02A8-445A-B6AE-BB9C8FAF6E3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:*:*:*:*:*:*:*", "matchCriteriaId": "2156DB35-853F-4C69-89D6-4111FD849AD9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ac66u:*:*:*:*:*:*:*:*", "matchCriteriaId": "106D80BC-400A-4996-8A4E-68D3F24B200F", "vulnerable": false}, {"criteria": "cpe:2.3:h:asus:rt-n66u:*:*:*:*:*:*:*:*", "matchCriteriaId": "98F88197-8E64-468C-8F36-281ED8E3716A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."}, {"lang": "es", "value": "common.c en infosvr en ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, y otras versiones, utilizado en RT-AC66U, RT-N66U, y otros routers, no comprueba correctamente la direcci\u00f3n MAC para una solicitud, lo que permite a atacantes remotos evadir la autenticaci\u00f3n y ejecutar comandos arbitrarios a trav\u00e9s de un paquete NET_CMD_ID_MANU_CMD en el puerto UDP 9999. NOTA: este problema fue mapeado incorrectamente a CVE-2014-10000, pero este identificador es inv\u00e1lido debido a su uso como ejemplo de cambio de la sintaxis de identificadores de CVEs del 2014."}], "id": "CVE-2014-9583", "lastModified": "2024-11-21T02:21:11.230", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-01-08T20:59:02.243", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/35688"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://github.com/jduck/asus-cmd"}, {"source": "cve@mitre.org", "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/44524/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/35688"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/jduck/asus-cmd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/44524/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}