[NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access

Read Time:18 Second

Posted by Peter Ohm on Feb 27

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access
# Date: 2023-02-16
# Exploit Author: d1g () segfault net for NetworkSEC [NWSSA-002-2023]
# Vendor Homepage: https://servers.asus.com/search?q=ASMB8
# Version/Model: ASMB8 iKVM Firmware <= 1.14.51 (probably others)
# Tested on: Linux AMI2CFDA1C7570E 2.6.28.10-ami…

USN-7003-5: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...

October 1, 2024

webkitgtk-2.46.1-1.fc39

FEDORA-2024-e1357fc22f Packages in this update: webkitgtk-2.46.1-1.fc39 Update description: Fix login QR code not shown in WhatsApp web. Disable PSON by...

October 1, 2024

webkitgtk-2.46.1-1.fc41

FEDORA-2024-b142cc07d0 Packages in this update: webkitgtk-2.46.1-1.fc41 Update description: Fix login QR code not shown in WhatsApp web. Disable PSON by...

October 1, 2024

webkitgtk-2.46.1-1.fc40

FEDORA-2024-4c6304b6fa Packages in this update: webkitgtk-2.46.1-1.fc40 Update description: Fix login QR code not shown in WhatsApp web. Disable PSON by...

October 1, 2024

USN-7048-1: Vim vulnerability

Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly...

October 1, 2024

USN-7015-3: Python vulnerability

USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for python2.7 in Ubuntu 16.04 LTS,...

October 1, 2024

Hacking ChatGPT by Planting False Memories into Its Data

People Know Their Data Rights, and They’re Here to Play Ball

Ten Million Brits Hit By Fraud in Just Three Years

ISACA: European Security Teams Are Understaffed and Underfunded

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Critical RCE Vulnerabilities Found in Common Unix Printing System

US State CISOs Struggling with Insufficient Cybersecurity Funding

British man used genealogy websites to fuel alleged hacking and insider trading scheme

[NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access

USN-7003-5: Linux kernel vulnerabilities

webkitgtk-2.46.1-1.fc39

webkitgtk-2.46.1-1.fc41

webkitgtk-2.46.1-1.fc40

USN-7048-1: Vim vulnerability

USN-7015-3: Python vulnerability