CVE-2018-9285

Name of the Vulnerable Software and Affected Versions: ASUS RT-AC66U versions prior to 3.0.0.4.384 10007 ASUS RT-AC68U versions prior to 3.0.0.4.384 10007 ASUS RT-AC86U versions prior to 3.0.0.4.384 10007 ASUS RT-AC88U versions prior to 3.0.0.4.384 10007 ASUS RT-AC1900 versions prior to 3.0.0.4.384 10007 ASUS RT-AC2900 versions prior to 3.0.0.4.384 10007 ASUS RT-AC3100 versions prior to 3.0.0.4.384 10007 ASUS RT-N18U versions prior to 3.0.0.4.382.39935 ASUS RT-AC87U versions prior to 3.0.0.4.382.50010 ASUS RT-AC3200 versions prior to 3.0.0.4.382.50010 ASUS RT-AC5300 versions prior to 3.0.0.4.384.20287

Description: The issue allows for OS command injection via the pingCNT and destIP fields of the SystemCmd variable in the Main Analysis Content.asp page of the /apply.cgi component. This can be exploited by sending HTTP requests, enabling a remote attacker to execute arbitrary commands.

Recommendations: For ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices, update to version 3.0.0.4.384 10007 or later. For RT-N18U devices, update to version 3.0.0.4.382.39935 or later. For RT-AC87U and RT-AC3200 devices, update to version 3.0.0.4.382.50010 or later. For RT-AC5300 devices, update to version 3.0.0.4.384.20287 or later. As a temporary workaround, consider restricting access to the Main Analysis Content.asp page and the SystemCmd variable to minimize the risk of exploitation.