CVE-2018-18319
Severity CVSS v4.0: Pending analysis
Type: CWE-94 (Code Injection)
Publication date: 15/10/2018
Last modified: 05/08/2024
Description
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution.
Impact
Base Score 3.x: 9.80
Severity 3.x: CRITICAL
Base Score 2.0: 7.50
Severity 2.0: HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:asuswrt-merlin_project:rt-ac5300_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt-ac5300:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt_ac1900p_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt_ac1900p_:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt-ac68u_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt-ac68u:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt-ac68p_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt-ac68p:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt-ac88u_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt-ac88u:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt-ac66u_b1_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt-ac66u_b1:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt-ac56u_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |
cpe:2.3:h:asuswrt-merlin_project:rt-ac56u:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:asuswrt-merlin_project:rt-ac3200_firmware:*:*:*:*:*:*:*:* | 380.70 (including) | |