The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0" service, and subsequently obtain unrestricted root privileges, by establishing an SSH session and then entering certain shell metacharacters and BusyBox commands.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100585 | Third Party Advisory VDB Entry |
https://threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/ | Third Party Advisory |
https://www.nomotion.net/blog/sharknatto/ | Exploit Mitigation Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-03T19:00:00
Updated: 2017-09-05T09:57:01
Reserved: 2017-09-03T00:00:00
Link: CVE-2017-14115
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-09-03T19:29:00.267
Modified: 2021-08-23T17:24:49.857
Link: CVE-2017-14115
JSON object: View
Redhat Information
No data.
CWE