Vulnerability Details : CVE-2018-8826
ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.
Vulnerability category: Input validationExecute code
Products affected by CVE-2018-8826
- cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac1750_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac51u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac58u_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n12_d1_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac1200_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-n600_firmware:3.0.0.4.380.10446:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac55u_firmware:3.0.0.4.382.50276:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac55uhp_firmware:3.0.0.4.382.50276:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4.384.20648:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-acrh13_firmware:3.0.0.4.380.8228:*:*:*:*:*:*:*
- cpe:2.3:o:asus:rt-ac2900_firmware:3.0.0.4.384.20648:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8826
5.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8826
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2018-8826
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-8826
-
https://www.asus.com/Networking/RT-AC52U-B1/HelpDesk_BIOS/
RT-AC52U B1 BIOS & FIRMWARE | Networking | ASUS GlobalVendor Advisory
-
https://www.asus.com/sg/Networking/RT-AC58U/HelpDesk_BIOS/
RT-AC58U BIOS & FIRMWARE | Networking | ASUS SingaporeVendor Advisory
-
https://www.asus.com/us/Networking/RT-AC1750/HelpDesk_BIOS/
RT-AC1750 BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
-
https://www.asus.com/us/Networking/RT-AC86U/HelpDesk_BIOS/
RT-AC86U BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
-
https://www.asus.com/ca-en/Networking/RT-N600/HelpDesk_Download/
RT-N600 Driver & Tools | Networking | ASUS CanadaVendor Advisory
-
https://www.asus.com/us/supportonly/RT-AC55UHP/HelpDesk_BIOS/
RT-AC55UHP | ASUS USAVendor Advisory
-
https://www.asus.com/us/supportonly/RT-AC55U/HelpDesk_BIOS/
RT-AC55U | ASUS USAVendor Advisory
-
https://www.asus.com/us/Networking/RTAC66U/HelpDesk_BIOS/
RT-AC66U BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
-
https://www.asus.com/us/Networking/RT-ACRH13/HelpDesk_BIOS/
RT-ACRH13 BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
-
https://www.asus.com/us/Networking/RT-AC1200/HelpDesk_BIOS/
RT-AC1200 BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
-
https://www.asus.com/us/supportonly/RT-AC51U/HelpDesk_BIOS/
RT-AC51U | ASUS USAVendor Advisory
-
https://www.asus.com/Networking/RT-AC2900/HelpDesk_BIOS/
RT-AC2900 BIOS & FIRMWARE | Networking | ASUS GlobalVendor Advisory
-
https://www.asus.com/us/Networking/RTN66W/HelpDesk_BIOS/
RT-N66W BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
-
https://www.asus.com/us/Networking/RTN12_D1/HelpDesk_BIOS/
RT-N12 D1 BIOS & FIRMWARE | Networking | ASUS USAVendor Advisory
Jump to