[NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access

Read Time:18 Second

Posted by Peter Ohm on Feb 27

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Exploit Title: ASUS ASMB8 iKVM RCE and SSH Root Access
# Date: 2023-02-16
# Exploit Author: d1g () segfault net for NetworkSEC [NWSSA-002-2023]
# Vendor Homepage: https://servers.asus.com/search?q=ASMB8
# Version/Model: ASMB8 iKVM Firmware <= 1.14.51 (probably others)
# Tested on: Linux AMI2CFDA1C7570E 2.6.28.10-ami…

perl-Plack-Middleware-Session-0.36-1.fc42

FEDORA-2025-ca07c36a0a Packages in this update: perl-Plack-Middleware-Session-0.36-1.fc42 Update description: This update upgrade the package to version 0.36. This version fixes CVE-2025-40923...

September 7, 2025

perl-Catalyst-Plugin-Session-0.44-1.fc42

FEDORA-2025-90d5989bee Packages in this update: perl-Catalyst-Plugin-Session-0.44-1.fc42 Update description: This update upgrade the package to version 0.44. This version fixes CVE-2025-40924...

September 7, 2025

perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42

FEDORA-2025-d72429a1f8 Packages in this update: perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42 Update description: This update upgrade the package to version 1.019. This version fixes CVE-2025-40920...

September 7, 2025

DSA-5994-1 shibboleth-sp – security update

Florian Stuhlmann discovered a SQL vulnerability in the ODBC plugin in the Shibboleth Service Provider which may result in information...

September 7, 2025

libopenmpt-0.8.3-1.el10_0

FEDORA-EPEL-2025-dc43510de4 Packages in this update: libopenmpt-0.8.3-1.el10_0 Update description: libopenmpt 0.8.3 (2025-09-06) [Bug] libopenmpt is now compatible with most non-standard builds...

September 6, 2025

libopenmpt-0.8.3-1.el10_2

FEDORA-EPEL-2025-3f414a0955 Packages in this update: libopenmpt-0.8.3-1.el10_2 Update description: libopenmpt 0.8.3 (2025-09-06) [Bug] libopenmpt is now compatible with most non-standard builds...

September 6, 2025

GOP Cries Censorship Over Spam Filters That Work

Friday Squid Blogging: The Origin and Propagation of Squid

My Latest Book: Rewiring Democracy

Bridgestone Confirms “Limited Cyber Incident” Impacting Facilities in North America

Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure

Parents warned that robot toys spied on children’s location without consent

South Carolina School District Data Breach Affects 31,000 People

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security

GPT-4o-mini Falls for Psychological Manipulation

[NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access

perl-Plack-Middleware-Session-0.36-1.fc42

perl-Catalyst-Plugin-Session-0.44-1.fc42

perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42

DSA-5994-1 shibboleth-sp – security update

libopenmpt-0.8.3-1.el10_0

libopenmpt-0.8.3-1.el10_2