CVE-2023-26602

CRITICAL

ASUS ASMB8-iKVM Firmware <= 1.14.51 - Remote Code Execution via SNMP Extension Creation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2023-26602. PoCs published by ub3rsick, D1G17.

AI-analyzed exploit summary This exploit leverages SNMPv2 write access with the private community string to create arbitrary extensions, enabling remote code execution (RCE) as root on ASUS ASMB8 iKVM firmware <= 1.14.51. It demonstrates transferring and executing a reverse shell binary via SNMP commands, then adding a backdoor user to bypass SSH restrictions.

Description

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.

Exploits (2)

exploitdb WORKING POC

by ub3rsick · textlocalhardware

https://www.exploit-db.com/exploits/52244

View Code ZIP pw:eip

This exploit leverages SNMPv2 write access with the private community string to create arbitrary extensions, enabling remote code execution (RCE) as root on ASUS ASMB8 iKVM firmware <= 1.14.51. It demonstrates transferring and executing a reverse shell binary via SNMP commands, then adding a backdoor user to bypass SSH restrictions.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ASUS ASMB8 iKVM Firmware <= 1.14.51

Auth required

Prerequisites: SNMPv2 write access with private community string · Network access to target device · Ability to host a reverse shell binary

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec STUB

by D1G17 · poc

https://github.com/D1G17/CVE-2023-26602

View Code ZIP pw:eip

The repository contains only a README with a disclaimer and no exploit code or technical details. It lacks any functional PoC, analysis, or meaningful content related to CVE-2023-26602.

Classification

Stub 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory, VDB Entry

http://packetstormsecurity.com/files/171137/ASUS-ASMB8-iKVM-1.14.51-SNMP-Remote-Root.html

Exploit, Third Party Advisory

https://nwsec.de/NWSSA-002-2023.txt

Exploit, Mailing List, Third Party Advisory mailing-list

http://seclists.org/fulldisclosure/2023/Feb/15

Scores

CVSS v3 9.8

EPSS 0.7009

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-77

Status published

Products (1)

asus/asmb8-ikvm_firmware < 1.14.51

Published Feb 26, 2023

Tracked Since Feb 18, 2026