CVE编号
CVE-2017-11420利用情况
暂无补丁情况
N/A披露时间
2017-07-18漏洞描述
ASUS RT-AC5300等是华硕(ASUS)公司的RT系列路由器产品。Asuswrt-Merlin是运行在其中的固件。多款ASUS产品中的Asuswrt-Merlin固件的networkmap的ASUS_Discovery.c文件存在栈缓冲区溢出漏洞。远程攻击者可借助较长的设备信息利用该漏洞执行任意代码。
解决建议
厂商尚未提供漏洞修复方案,请关注厂商主页更新:https://www.asus.com/
参考链接 |
|
|---|---|
| http://www.openwall.com/lists/oss-security/2017/07/13/1 | |
| https://asuswrt.lostrealm.ca/changelog |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac1200_firmware | * |
Up to (including) 3.0.0.4.380.9880 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac3100_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac3200_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac51u_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac52u_firmware | * |
Up to (including) 3.0.0.4.380.4180 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac5300_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac53_firmware | * |
Up to (including) 3.0.0.4.380.9883 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac55u_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac56u_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac58u_firmware | * |
Up to (including) 3.0.0.4.380.7485 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac66u_b1_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac66u_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac68p_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac68u_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac88u_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12+_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12d1_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12hp_b1_firmware | * |
Up to (including) 3.0.0.4.380.3479 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12hp_firmware | * |
Up to (including) 3.0.0.4.380.2943 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n16_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n18u_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n300_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n56u_firmware | * |
Up to (including) 3.0.0.4.378.7177 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n66u_firmware | * |
Up to (including) 3.0.0.4.380.7378 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_ac1200gu_firmware | * |
Up to (including) 3.0.0.4.380.5577 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_ac1200g_firmware | * |
Up to (including) 3.0.0.4.380.3167 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_ac1900p_firmware | * |
Up to (including) 3.0.0.4.380.7743 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_n12+_pro_firmware | * |
Up to (including) 3.0.0.4.380.9880 |
|||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac1200 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac3100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac3200 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac51u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac52u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac53 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac5300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac55u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac56u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac58u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac66u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac66u_b1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac68p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac68u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac88u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12+ | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12d1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12hp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12hp_b1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n16 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n18u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n56u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n66u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_ac1200g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_ac1200gu | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_ac1900p_ | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_n12+_pro | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 高
- 完整性 高
还没有评论,来说两句吧...