CVE-2014-9583 : common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC

common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.

Published 2015-01-08 20:59:02

Updated 2018-04-27 01:29:01

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2014-9583

Probability of exploitation activity in the next 30 days: 96.52%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2014-9583

ASUS infosvr Auth Bypass Command Execution

Disclosure Date: 2015-01-04

First seen: 2020-04-26

exploit/linux/misc/asus_infosvr_auth_bypass_exec

This module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This module launches the BusyBox Telnet daemon on the port specified in the TelnetPort

More information

CVSS scores for CVE-2014-9583

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2014-9583

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-9583

https://github.com/jduck/asus-cmd

GitHub - jduck/asus-cmd: ASUS Router infosvr UDP Broadcast root Command Execution
Exploit
https://support.t-mobile.com/docs/DOC-21994

Wi-Fi CellSpot Router setup & help | T-Mobile Support

CVEs referencing this url
http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html

ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution ≈ Packet Storm
Exploit
https://www.exploit-db.com/exploits/44524/

ASUS infosvr - Authentication Bypass Command Execution (Metasploit) - Hardware remote Exploit
http://www.exploit-db.com/exploits/35688

ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution - Hardware remote Exploit
Exploit

Products affected by CVE-2014-9583

Asus » Wrt Firmware » Version: 3.0.0.4.376.2524-g0012f52
cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:*:*:*:*:*:*:*
Matching versions
When used together with: Asus » Rt-ac66u
When used together with: Asus » Rt-n66u
Asus » Wrt Firmware » Version: 3.0.0.4.376 1071
cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:*:*:*:*:*:*:*
Matching versions
When used together with: Asus » Rt-ac66u
When used together with: Asus » Rt-n66u
T-mobile » Tm-ac1900 » Version: 3.0.0.4.376 3169
cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*
Matching versions