CVE-2018-16596

Published: Dic 17, 2018 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2018-8403 Aliases: GSD-2018-16596
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
MEDIUM 5,4
Source: [email protected]
Access Vector: adjacent_network
Access Complexity: medium
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial

Description

AI Translation Available

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UDP packet to port 1900 allows an attacker to execute code on a remote device. However, this is only possible if the attacker is inside the LAN. Because of ASLR, the success rate is not 100% and leads instead to a DoS of the UPnP service. The remaining functionality of the Internet Box is not affected. A reboot of the Internet Box is necessary to attempt the exploit again.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0036
Percentile
0,6th
Updated

EPSS Score Trend (Last 91 Days)

787

Out-of-bounds Write

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
Operating System

Internet-Box Standard Firmware by Swisscom

Product Information
Vendor Swisscom
Product Internet-Box Standard Firmware
Version Range Affected
To 09.04.00 (exclusive)
cpe:2.3:o:swisscom:internet-box_standard_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Internet-Box 2 Firmware by Swisscom

Product Information
Vendor Swisscom
Product Internet-Box 2 Firmware
Version Range Affected
To 09.04.00 (inclusive)
cpe:2.3:o:swisscom:internet-box_2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Internet-Box Light Firmware by Swisscom

Product Information
Vendor Swisscom
Product Internet-Box Light Firmware
Version Range Affected
To 08.05.02 (exclusive)
cpe:2.3:o:swisscom:internet-box_light_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Internet-Box Plus Firmware by Swisscom

Product Information
Vendor Swisscom
Product Internet-Box Plus Firmware
Version Range Affected
To 09.04.00 (exclusive)
cpe:2.3:o:swisscom:internet-box_plus_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.swisscom.ch/content/dam/swisscom/de/about/nachh…
Vendor Advisory
https://www.swisscom.ch/content/dam/swisscom/de/about/nachhaltigkeit/digitale-s…
https://www.swisscom.ch/content/dam/swisscom/de/about/nachh…
Vendor Advisory
https://www.swisscom.ch/content/dam/swisscom/de/about/nachhaltigkeit/digitale-s…