CVE-2013-5948 Information

Description

The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).

Reference

http://seclists.org/fulldisclosure/2014/Apr/59 http://seclists.org/fulldisclosure/2014/Apr/66 http://support.asus.com/download.aspx?m=RT-N66U+28VER.B129 https://support.t-mobile.com/docs/DOC-21994