CVE-2017-18368
CVE-2017-18368
Vexday Risk Score
80High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 9.8EPSS 94.5%KEV simPoC —Patch —
Lifecycle
02 May 2019Published on NVD
07 Aug 2023Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
A router flaw allows anyone on the internet to run dangerous commands on the device by sending specially crafted requests to a logging page. This gives complete control over the router without needing a password.
Technical detail
CWE-78 command injection in ViewLog.asp remote_host parameter allows unauthenticated remote code execution. The vulnerability accepts unsanitized user input directly into system commands within the Remote System Log forwarding function, enabling arbitrary command execution with router privileges.
Summary generated and translated by AI from the official description.
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited through the remote_host parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txthttps://seclists.org/fulldisclosure/2017/Jan/40https://ssd-disclosure.com/index.php/archives/2910https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-18368http://www.zyxel.com/support/announcement_unauthenticated.shtml