Date: Fri, 26 Jan 2018 15:33:20 +0700
From: Pedro Ribeiro <>
Subject: Re: [FD] SSD Advisory – Hack2Win – Asus Unauthenticated LAN Remote Command Execution

On 22 January 2018 at 19:00, Maor Shwartz <> wrote:

> SSD Advisory – Hack2Win – Asus Unauthenticated LAN Remote Command Execution
> Full report:
> Twitter: @SecuriTeam_SSD
> Weibo: SecuriTeam_SSD
> Vulnerabilities Summary
> The following advisory describes two (2) vulnerabilities found in AsusWRT
> Version The combination of the vulnerabilities leads to
> LAN remote command execution on any Asus router.
> graphical user interface gives you easy access to the 30-second, 3-step
> web-based installation process. It’s also where you can configure AiCloud
> 2.0 and all advanced options. ASUSWRT is web-based, so it doesn’t need a
> separate app, or restrict what you can change via mobile devices — you get
> full access to everything, from any device that can run a web browser”
> The vulnerabilities found are:
> Access bypass
> Configuration manipulation
> Credit
> An independent security researcher, Pedro Ribeiro (,
> has reported this vulnerability to Beyond Security’s SecuriTeam Secure
> Disclosure program.
> Vendor response
> Asus were informed of the vulnerabilities and released patches to address
> them (version
> For more details:
Just to add that MITRE has provided CVEs for the issues found:

Access bypass: CVE-2018-5999
Configuration manipulation: CVE-2018-6000

Thanks again to SecuriTeam for helping with the disclosure.

Advisory links have been updated:


Sent through the Full Disclosure mailing list