Unknown
CVE-2017-11420
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- rt ac1200g firmware,
- rt ac1200gu firmware,
- rt ac1900p firmware,
- rt n12+ pro firmware,
- rt-ac1200 firmware,
- rt-ac3100 firmware,
- rt-ac3200 firmware,
- rt-ac51u firmware,
- rt-ac52u firmware,
- rt-ac53 firmware,
- rt-ac5300 firmware,
- rt-ac55u firmware,
- rt-ac56u firmware,
- rt-ac58u firmware,
- rt-ac66u b1 firmware,
- rt-ac66u firmware,
- rt-ac68p firmware,
- rt-ac68u firmware,
- rt-ac88u firmware,
- rt-n12+ firmware,
- rt-n12d1 firmware,
- rt-n12hp b1 firmware,
- rt-n12hp firmware,
- rt-n16 firmware,
- rt-n18u firmware,
- rt-n300 firmware,
- rt-n56u firmware,
- rt-n66u firmware
References
Miscellaneous
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
