CVE-2014-9583 - OpenCVE

common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Asus	Rt-ac66u Rt-n66u Wrt Firmware
T-mobile	Tm-ac1900

Configuration 1 [-]

cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:::::::*
	cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:::::::*

OR	cpe:2.3:h:asus:rt-ac66u::::::::
	cpe:2.3:h:asus:rt-n66u::::::::

References

Link	Resource
http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html	Exploit
http://www.exploit-db.com/exploits/35688	Exploit
https://github.com/jduck/asus-cmd	Exploit
https://support.t-mobile.com/docs/DOC-21994
https://www.exploit-db.com/exploits/44524/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-01-08T20:00:00

Updated: 2018-04-26T09:57:01

Reserved: 2015-01-08T00:00:00

Link: CVE-2014-9583

JSON object: View

NVD Information

Status : Modified

Published: 2015-01-08T20:59:02.243

Modified: 2018-04-27T01:29:00.617

Link: CVE-2014-9583

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-30T00:00:00", "descriptions": [{"lang": "en", "value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-26T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "35688", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/35688"}, {"name": "44524", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44524/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jduck/asus-cmd"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9583", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "35688", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/35688"}, {"name": "44524", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44524/"}, {"name": "https://support.t-mobile.com/docs/DOC-21994", "refsource": "CONFIRM", "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"name": "https://github.com/jduck/asus-cmd", "refsource": "MISC", "url": "https://github.com/jduck/asus-cmd"}, {"name": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9583", "datePublished": "2015-01-08T20:00:00", "dateReserved": "2015-01-08T00:00:00", "dateUpdated": "2018-04-26T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*", "matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:*:*:*:*:*:*:*", "matchCriteriaId": "DBCA7A1C-02A8-445A-B6AE-BB9C8FAF6E3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:*:*:*:*:*:*:*", "matchCriteriaId": "2156DB35-853F-4C69-89D6-4111FD849AD9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ac66u:*:*:*:*:*:*:*:*", "matchCriteriaId": "106D80BC-400A-4996-8A4E-68D3F24B200F", "vulnerable": false}, {"criteria": "cpe:2.3:h:asus:rt-n66u:*:*:*:*:*:*:*:*", "matchCriteriaId": "98F88197-8E64-468C-8F36-281ED8E3716A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change."}, {"lang": "es", "value": "common.c en infosvr en ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, y otras versiones, utilizado en RT-AC66U, RT-N66U, y otros routers, no comprueba correctamente la direcci\u00f3n MAC para una solicitud, lo que permite a atacantes remotos evadir la autenticaci\u00f3n y ejecutar comandos arbitrarios a trav\u00e9s de un paquete NET_CMD_ID_MANU_CMD en el puerto UDP 9999. NOTA: este problema fue mapeado incorrectamente a CVE-2014-10000, pero este identificador es inv\u00e1lido debido a su uso como ejemplo de cambio de la sintaxis de identificadores de CVEs del 2014."}], "id": "CVE-2014-9583", "lastModified": "2018-04-27T01:29:00.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-01-08T20:59:02.243", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/35688"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://github.com/jduck/asus-cmd"}, {"source": "cve@mitre.org", "url": "https://support.t-mobile.com/docs/DOC-21994"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/44524/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}