Vulnerabilities > CVE-2018-17022 - Out-of-bounds Write vulnerability in Asus Gt-Ac5300 Firmware

CVSS 8.0 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

COMPLETE

network

low complexity

asus

CWE-787

NVD

Published: 2018-09-13

Updated: 2020-08-24

Summary

Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.

Vulnerable Configurations

Part	Description	Count
OS	Asus Asus GT Ac5300 Firmware 3.0.0.4.384.21140 Asus GT Ac5300 Firmware 3.0.0.4.384.32738 Asus GT Ac5300 Firmware 3.0.0.4.384.32799 Asus GT Ac5300 Firmware 3.0.0.4.384.45149 Asus GT Ac5300 Firmware 3.0.0.4.384.45713 Asus GT Ac5300 Firmware 3.0.0.4.384.45717	6
Hardware	Asus Asus GT Ac5300 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/PAGalaxyLab/VulInfo/blob/master/ASUS/buffer_overflow/ASUS%20GT-AC5300%20stack%20overflow.MD