Vulnerability Details : CVE-2014-9583
Public exploit exists!
common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.
Exploit prediction scoring system (EPSS) score for CVE-2014-9583
Probability of exploitation activity in the next 30 days: 96.52%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2014-9583
-
ASUS infosvr Auth Bypass Command Execution
Disclosure Date: 2015-01-04First seen: 2020-04-26exploit/linux/misc/asus_infosvr_auth_bypass_execThis module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This module launches the BusyBox Telnet daemon on the port specified in the TelnetPort
CVSS scores for CVE-2014-9583
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-9583
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-9583
-
https://github.com/jduck/asus-cmd
GitHub - jduck/asus-cmd: ASUS Router infosvr UDP Broadcast root Command ExecutionExploit
-
https://support.t-mobile.com/docs/DOC-21994
Wi-Fi CellSpot Router setup & help | T-Mobile Support
-
http://packetstormsecurity.com/files/129815/ASUSWRT-3.0.0.4.376_1071-LAN-Backdoor-Command-Execution.html
ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution ≈ Packet StormExploit
-
https://www.exploit-db.com/exploits/44524/
ASUS infosvr - Authentication Bypass Command Execution (Metasploit) - Hardware remote Exploit
-
http://www.exploit-db.com/exploits/35688
ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution - Hardware remote ExploitExploit
Products affected by CVE-2014-9583
- cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376.2524-g0012f52:*:*:*:*:*:*:*
- cpe:2.3:o:asus:wrt_firmware:3.0.0.4.376_1071:*:*:*:*:*:*:*
- cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*