多款ASUS产品networkmap缓冲区溢出漏洞
CVE编号
CVE-2017-11345利用情况
暂无补丁情况
N/A披露时间
2017-07-18漏洞描述
ASUS RT-AC5300等都是华硕(ASUS)公司的无线路由器。networkmap是其中的一个网络图组件。 多款ASUS产品中的networkmap存在缓冲区溢出漏洞。远程攻击者可利用该漏洞在路由器上执行任意代码。解决建议
厂商尚未提供漏洞修复方案,请关注厂商主页更新:https://www.asus.com.cn/
参考链接 |
|
|---|---|
| http://www.openwall.com/lists/oss-security/2017/07/14/3 | |
| https://asuswrt.lostrealm.ca/changelog |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac1200_firmware | * | Up to (including) 3.0.0.4.380.9880 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac3100_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac3200_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac51u_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac52u_firmware | * | Up to (including) 3.0.0.4.380.4180 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac5300_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac53_firmware | * | Up to (including) 3.0.0.4.380.9883 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac55u_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac56u_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac58u_firmware | * | Up to (including) 3.0.0.4.380.7485 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac66u_b1_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac66u_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac68p_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac68u_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-ac88u_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12+_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12d1_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12hp_b1_firmware | * | Up to (including) 3.0.0.4.380.3479 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n12hp_firmware | * | Up to (including) 3.0.0.4.380.2943 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n16_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n18u_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n300_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n56u_firmware | * | Up to (including) 3.0.0.4.378.7177 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt-n66u_firmware | * | Up to (including) 3.0.0.4.380.7378 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_ac1200gu_firmware | * | Up to (including) 3.0.0.4.380.5577 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_ac1200g_firmware | * | Up to (including) 3.0.0.4.380.3167 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_ac1900p_firmware | * | Up to (including) 3.0.0.4.380.7743 | |||||
| 运行在以下环境 | |||||||||
| 系统 | asuswrt-merlin_project | rt_n12+_pro_firmware | * | Up to (including) 3.0.0.4.380.9880 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac1200 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac3100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac3200 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac51u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac52u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac53 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac5300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac55u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac56u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac58u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac66u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac66u_b1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac68p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac68u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-ac88u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12+ | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12d1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12hp | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n12hp_b1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n16 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n18u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n56u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt-n66u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_ac1200g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_ac1200gu | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_ac1900p_ | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | asuswrt-merlin_project | rt_n12+_pro | - | - | |||||
- 攻击路径 本地
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 需要
- 可用性 高
- 保密性 高
- 完整性 高
| CWE-ID | 漏洞类型 |
| CWE-119 | 内存缓冲区边界内操作的限制不恰当 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论