CVE-2017-11420 : Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin

Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66U_B1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RT_AC1200GU, RT_AC1200G, RT-AC1200, RT-AC53, RT-N12HP, RT-N12HP_B1, RT-N12D1, RT-N12+, RT_N12+_PRO, RT-N16, and RT-N300 devices allows remote attackers to execute arbitrary code via long device information that is mishandled during a strcat to a device list.

Published 2017-07-18 05:29:00

Updated 2017-12-20 02:29:03

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2017-11420

Asuswrt-merlin Project » Rt-ac5300 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac5300 » Version: N/A
Asuswrt-merlin Project » Rt Ac1900p Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt Ac1900p » Version: N/A
Asuswrt-merlin Project » Rt-ac68u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac68u » Version: N/A
Asuswrt-merlin Project » Rt-ac68p Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac68p » Version: N/A
Asuswrt-merlin Project » Rt-ac88u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac88u » Version: N/A
Asuswrt-merlin Project » Rt-ac66u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac66u » Version: N/A
Asuswrt-merlin Project » Rt-ac66u B1 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac66u B1 » Version: N/A
Asuswrt-merlin Project » Rt-ac58u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7485
cpe:2.3:o:asuswrt-merlin_project:rt-ac58u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac58u » Version: N/A
Asuswrt-merlin Project » Rt-ac56u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac56u » Version: N/A
Asuswrt-merlin Project » Rt-ac55u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-ac55u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac55u » Version: N/A
Asuswrt-merlin Project » Rt-ac52u Firmware
Versions up to, including, (<=) 3.0.0.4.380.4180
cpe:2.3:o:asuswrt-merlin_project:rt-ac52u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac52u » Version: N/A
Asuswrt-merlin Project » Rt-ac51u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-ac51u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac51u » Version: N/A
Asuswrt-merlin Project » Rt-n18u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-n18u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n18u » Version: N/A
Asuswrt-merlin Project » Rt-n66u Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-n66u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n66u » Version: N/A
Asuswrt-merlin Project » Rt-n56u Firmware
Versions up to, including, (<=) 3.0.0.4.378.7177
cpe:2.3:o:asuswrt-merlin_project:rt-n56u_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n56u » Version: N/A
Asuswrt-merlin Project » Rt-ac3200 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac3200 » Version: N/A
Asuswrt-merlin Project » Rt-ac3100 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7743
cpe:2.3:o:asuswrt-merlin_project:rt-ac3100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac3100 » Version: N/A
Asuswrt-merlin Project » Rt Ac1200gu Firmware
Versions up to, including, (<=) 3.0.0.4.380.5577
cpe:2.3:o:asuswrt-merlin_project:rt_ac1200gu_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt Ac1200gu » Version: N/A
Asuswrt-merlin Project » Rt Ac1200g Firmware
Versions up to, including, (<=) 3.0.0.4.380.3167
cpe:2.3:o:asuswrt-merlin_project:rt_ac1200g_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt Ac1200g » Version: N/A
Asuswrt-merlin Project » Rt-ac1200 Firmware
Versions up to, including, (<=) 3.0.0.4.380.9880
cpe:2.3:o:asuswrt-merlin_project:rt-ac1200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac1200 » Version: N/A
Asuswrt-merlin Project » Rt-ac53 Firmware
Versions up to, including, (<=) 3.0.0.4.380.9883
cpe:2.3:o:asuswrt-merlin_project:rt-ac53_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-ac53 » Version: N/A
Asuswrt-merlin Project » Rt-n12hp Firmware
Versions up to, including, (<=) 3.0.0.4.380.2943
cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n12hp » Version: N/A
Asuswrt-merlin Project » Rt-n12hp B1 Firmware
Versions up to, including, (<=) 3.0.0.4.380.3479
cpe:2.3:o:asuswrt-merlin_project:rt-n12hp_b1_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n12hp B1 » Version: N/A
Asuswrt-merlin Project » Rt-n12d1 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-n12d1_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n12d1 » Version: N/A
Asuswrt-merlin Project » Rt-n12+ Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-n12\+_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n12+ » Version: N/A
Asuswrt-merlin Project » Rt N12+ Pro Firmware
Versions up to, including, (<=) 3.0.0.4.380.9880
cpe:2.3:o:asuswrt-merlin_project:rt_n12\+_pro_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt N12+ Pro » Version: N/A
Asuswrt-merlin Project » Rt-n16 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-n16_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n16 » Version: N/A
Asuswrt-merlin Project » Rt-n300 Firmware
Versions up to, including, (<=) 3.0.0.4.380.7378
cpe:2.3:o:asuswrt-merlin_project:rt-n300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Asuswrt-merlin Project » Rt-n300 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2017-11420

EPSS FAQ

6.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 90 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-11420

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-11420

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-11420

http://www.openwall.com/lists/oss-security/2017/07/13/1

oss-security - CVE-IDs request for ASUS wiress router Remote Command/Code Execution Vulnerability
Exploit;Mailing List;Third Party Advisory
https://asuswrt.lostrealm.ca/changelog

Changelog 380.xx | Asuswrt-Merlin

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-11420

Products affected by CVE-2017-11420

Exploit prediction scoring system (EPSS) score for CVE-2017-11420

CVSS scores for CVE-2017-11420

CWE ids for CVE-2017-11420

References for CVE-2017-11420