Authenticated Command Injection Vulnerability in ASUS RT-AX55 Router
CVE-2023-39780

8.8HIGH

Key Information:

Vendor

Asus
Status
Rt-ax55
Vendor
CVE Published:
11 September 2023

Badges

💰 Ransomware👾 Exploit Exists🟣 EPSS 66%🦅 CISA Reported📰 News Worthy

What is CVE-2023-39780?

The ASUS RT-AX55 router has a vulnerability that allows an authenticated attacker to execute arbitrary commands on the device due to improper validation of input. This command injection flaw can enable unauthorized changes to device settings or the execution of potentially harmful operations, posing significant risks to the integrity and security of the network. Mitigation steps should be taken promptly to safeguard against exploit attempts.

CISA has reported CVE-2023-39780

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-39780 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

RT-AX55 3.0.0.4.386.51598

News Articles

favicon imageCISA (.gov)

CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA

CISA has added five new vulnerabilities to its KEV Catalog, based on evidence of active exploitation

3 weeks ago

favicon imageTom's Hardware

9,000 Asus routers compromised by botnet attack and persistent SSH backdoor that even firmware updates can't fix

New botnet campaign exploits legitimate system features to establish deep persistence while remaining virtually undetectable

3 weeks ago

favicon imageBleepingComputer

Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor

Over 9,000 ASUS routers are compromised by a novel botnet dubbed

4 weeks ago

References

https://github.com/D2y6p/CVE/blob/main/asus/CVE-2023-3978...
https://github.com/D2y6p/CVE/blob/main/asus/CVE-2023-3978...
https://github.com/D2y6p/CVE/blob/main/asus/CVE-2023-3978...

EPSS Score

66% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🦅

    CISA Reported

  • 💰

    Used in Ransomware

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by BleepingComputer

  • Vulnerability published

  • Vulnerability Reserved

.