CVE-2021-40556 - OpenCVE

A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Asus	Rt-ax56u Firmware Rt-ax56u

Configuration 1 [-]

AND

cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.44266:*:*:*:*:*:*:*

cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.asus.com/tw/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/	Product Vendor Advisory
https://x1ng.top/2021/10/14/ASUS%E6%A0%88%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-06T00:00:00

Updated: 2022-10-06T00:00:00

Reserved: 2021-09-07T00:00:00

Link: CVE-2021-40556

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-10-06T18:15:50.453

Modified: 2022-10-07T17:39:32.723

Link: CVE-2021-40556

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax56u_firmware:3.0.0.4.386.44266:*:*:*:*:*:*:*", "matchCriteriaId": "F31163B5-A930-40F9-ACDA-8E93755B1C43", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by \"caupload\" input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de desbordamiento de pila en el servicio httpd del router ASUS RT-AX56U versi\u00f3n 3.0.0.4.386.44266. Esta vulnerabilidad es causada por la funci\u00f3n strcat llamada por la funci\u00f3n de manejo de entrada \"caupload\" que permite al usuario introducir bytes 0xFFFF en la pila. Esta vulnerabilidad permite a un atacante ejecutar comandos de forma remota. La vulnerabilidad requiere autenticaci\u00f3n"}], "id": "CVE-2021-40556", "lastModified": "2022-10-07T17:39:32.723", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-06T18:15:50.453", "references": [{"source": "cve@mitre.org", "tags": ["Product", "Vendor Advisory"], "url": "https://www.asus.com/tw/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://x1ng.top/2021/10/14/ASUS%E6%A0%88%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}