CVE-2018-8826 - Vulnerability Details

ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Asus	Rt-ac1200 Rt-ac1200 Firmware Rt-ac1750 Rt-ac1750 Firmware Rt-ac2900 Rt-ac2900 Firmware Rt-ac51u Rt-ac51u Firmware Rt-ac52u B1 Rt-ac52u B1 Firmware Rt-ac55u Rt-ac55u Firmware Rt-ac55uhp Rt-ac55uhp Firmware Rt-ac58u Rt-ac58u Firmware Rt-ac66u Rt-ac66u Firmware Rt-ac86u Rt-ac86u Firmware Rt-acrh13 Rt-acrh13 Firmware Rt-n12 D1 Rt-n12 D1 Firmware Rt-n600 Rt-n600 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:asus:rt-ac51u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac51u:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:asus:rt-ac58u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac58u:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac66u:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac1750:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:asus:rt-n12_d1_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-n12_d1:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac52u_b1:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:asus:rt-ac1200_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac1200:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:asus:rt-n600_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-n600:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:asus:rt-ac55u_firmware:3.0.0.4.382.50276:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac55u:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:asus:rt-ac55uhp_firmware:3.0.0.4.382.50276:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac55uhp:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4.384.20648:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:asus:rt-acrh13_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-acrh13:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:asus:rt-ac2900_firmware:3.0.0.4.384.20648:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ac2900:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/
https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/
https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/
https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/
https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/
https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/
https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/
https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-04-20T20:00:00

Updated: 2024-08-05T07:02:26.055Z

Reserved: 2018-03-20T00:00:00

Link: CVE-2018-8826

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-04-20T20:29:00.583

Modified: 2024-11-21T04:14:23.937

Link: CVE-2018-8826

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object