Vulnerability Name:

CVE-2017-14698 (CCN-138388)

Assigned: 2017-09-22
Published: 2018-01-25
Updated: 2019-10-03
Summary: ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N16U, DSL-N17U, DSL-N66U, and DSL-AC750 routers allow remote attackers to change passwords of arbitrary users via the http_passwd parameter to mod_login.asp.
CVSS v3 Severity: 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.8 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): High
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Complete
Availability (A): None
Vulnerability Type: CWE-287
Vulnerability Consequences: Bypass Security
References:
Source: MITRE
Type: CNA
CVE-2017-14698

Source: XF
Type: UNKNOWN
asus-cve201714698-sec-bypass(138388)

Source: CONFIRM
Type: Patch, Vendor Advisory
https://www.asus.com/Networking/DSL-N14U-B1/HelpDesk_BIOS/

Source: CCN
Type: ASUS Web site
Multiple ASUS routers

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [01-25-2018]

Source: CCN
Type: SECURITYARTWORK Web site
Some vulnerability in ASUS routers

Source: MISC
Type: Broken Link
https://www.securityartwork.es/2018/01/25/some-vulnerability-in-asus-routers/

Vulnerable Configuration:
  • Configuration 1:
  • cpe:/o:asus:dsl-ac51_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-ac51:-:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:asus:dsl-ac52u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-ac52u:-:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/o:asus:dsl-ac55u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-ac55u:-:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/o:asus:dsl-n55u_c1_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n55u_c1:-:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/o:asus:dsl-n55u_d1_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n55u_d1:-:*:*:*:*:*:*:*

  • Configuration 6:
  • cpe:/o:asus:dsl-ac56u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-ac56u:-:*:*:*:*:*:*:*

  • Configuration 7:
  • cpe:/o:asus:dsl-n10_c1_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n10_c1:-:*:*:*:*:*:*:*

  • Configuration 8:
  • cpe:/o:asus:dsl-n12u_c1_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n12u_c1:-:*:*:*:*:*:*:*

  • Configuration 9:
  • cpe:/o:asus:dsl-n12e_c1_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n12e_c1:-:*:*:*:*:*:*:*

  • Configuration 10:
  • cpe:/o:asus:dsl-n14u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n14u:-:*:*:*:*:*:*:*

  • Configuration 11:
  • cpe:/o:asus:dsl-n14u-b1_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n14u-b1:-:*:*:*:*:*:*:*

  • Configuration 12:
  • cpe:/o:asus:dsl-n16_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n16:-:*:*:*:*:*:*:*

  • Configuration 13:
  • cpe:/o:asus:dsl-n16u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n16u:-:*:*:*:*:*:*:*

  • Configuration 14:
  • cpe:/o:asus:dsl-n17u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n17u:-:*:*:*:*:*:*:*

  • Configuration 15:
  • cpe:/o:asus:dsl-n66u_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-n66u:-:*:*:*:*:*:*:*

  • Configuration 16:
  • cpe:/o:asus:dsl-ac750_firmware:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:asus:dsl-ac750:-:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/h:asus:dsl-ac51:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-ac52u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-ac55u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n55u_c1:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n55u_d1:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-ac56u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n10_c1:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n12u_c1:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n12e_c1:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n14u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n14u-b1:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n16:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n16u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n17u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-n66u:-:*:*:*:*:*:*:*
  • OR cpe:/h:asus:dsl-ac750:-:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable