Vulnerabilities > CVE-2018-17022 - Out-of-bounds Write vulnerability in Asus Gt-Ac5300 Firmware

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

asus

CWE-787

NVD

Published: 2018-09-13

Updated: 2020-08-24

Summary

Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.

Vulnerable Configurations

Part	Description	Count
OS	Asus Asus GT Ac5300 Firmware 3.0.0.4.384.21140 Asus GT Ac5300 Firmware 3.0.0.4.384.32738 Asus GT Ac5300 Firmware 3.0.0.4.384.32799 Asus GT Ac5300 Firmware 3.0.0.4.384.45149 Asus GT Ac5300 Firmware 3.0.0.4.384.45713 Asus GT Ac5300 Firmware 3.0.0.4.384.45717 Asus GT Ac5300 Firmware 3.0.0.4.384_32738	7
Hardware	Asus Asus GT Ac5300 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/PAGalaxyLab/VulInfo/blob/master/ASUS/buffer_overflow/ASUS%20GT-AC5300%20stack%20overflow.MD