HG100 has a broken access control vulnerability in its Web API Server
CVE-2019-11061
10 CRITICAL
Key Information:
- Vendor: Asus
- Status: Vendor
- CVE Published: 29 August 2019
Badges
- Exploit Exists
- Public PoC
Summary
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker on the same local area network to control IoT devices connected to the HG100 via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected Version(s)
HG100 firmware up to 4.00.0.6
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
CVSS V3.1
- Score: 10
- Severity: CRITICAL
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Changed
Timeline
- Vulnerability published
- Vulnerability Reserved
- Public PoC available
- Exploit known to exist
Credit
timhuang