CVE-2018-9285
Severity: CRITICAL. Exploited in the wild.
ASUS RT-AC Series Firmware - OS Command Injection via SystemCmd pingCNT and destIP Fields
Title source: llm
Exploitation Summary
CVE-2018-9285 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
References (3)
Core References
Third Party Advisory x_refsource_misc
https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in-asus-router.html
Third Party Advisory x_refsource_misc
https://fortiguard.com/zeroday/FG-VD-17-216
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/160049/ASUS-TM-AC1900-Arbitrary-Command-Execution.html
Scores
CVSS v3
9.8
EPSS
0.0280
EPSS Percentile
86.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2020-01-08
CWE
CWE-78
Status
published
Products (11)
asus/rt-ac1900_firmware
< 3.0.0.4.384.10007
asus/rt-ac2900_firmware
< 3.0.0.4.384.10007
asus/rt-ac3100_firmware
< 3.0.0.4.384.10007
asus/rt-ac3200_firmware
< 3.0.0.4.382.50010
asus/rt-ac5300_firmware
< 3.0.0.4.384.20287
asus/rt-ac66u_firmware
< 3.0.0.4.384.10007
asus/rt-ac68u_firmware
< 3.0.0.4.384.10007
asus/rt-ac86u_firmware
< 3.0.0.4.384.10007
asus/rt-ac87u_firmware
< 3.0.0.4.382.50010
asus/rt-ac88u_firmware
< 3.0.0.4.384.10007
... and 1 more
Published
Apr 04, 2018
Tracked Since
Feb 18, 2026