CVE-2018-17532

high-risk
Published 2018-10-15

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.

Do I need to act?

!
77.7% chance of exploitation in next 30 days
EPSS score — higher than 22% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (3)

Rut900 Firmware
Rut950 Firmware
Rut955 Firmware

Affected Vendors

Teltonika

References (6)

Exploit http://packetstormsecurity.com/files/149777/Teltonika-RUT9XX-Unauthenticated-OS-...
Exploit http://seclists.org/fulldisclosure/2018/Oct/27
Exploit https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180319-01_T...
Exploit http://packetstormsecurity.com/files/149777/Teltonika-RUT9XX-Unauthenticated-OS-...
Exploit http://seclists.org/fulldisclosure/2018/Oct/27
Exploit https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180319-01_T...
61
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 20/34 · Moderate
Exposure 9/34 · Low