Asus RT-N66U - Cross-Site Request Forgery

Vulnerability ID: 1065220 Vulnerability type:
Published: 2013-09-30 Updated: 2013-09-30
Platform: Hardware CVSS score: N/A
Exploit Title: CSRF Asus RT-N66U Arbitrary Command Execution
Google Dork: N.A.
Date: 30 September 2013
Exploit Author: cgcai (
Vendor Homepage:
Software Link:
Tested on: N.A.
CVE: Pending

The Asus RT-N66U is a home wireless router. Its web application has a CSRF vulnerability that allows an attacker to execute arbitrary commands on the target device.

Exploitable URL:
The parameter "SystemCmd" in the URL below causes the device to execute arbitrary commands (the value encoded in the example is `nvram show`).

The URL should be submitted as a `GET` request.

Console output can be observed by sending a `GET` request to `` after calling the URL above, if so desired.

The URLs above are protected with HTTP Basic Access Authentication. If a victim has logged in to the router recently, the exploit will work without further intervention. Otherwise, attackers can try supplying default credentials in the URL.
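A server-side guard for the kind of endpoint described above, written as an added example (not Asus firmware code): it refuses the GET-based, Basic-Auth-only request pattern and requires a same-origin POST with a per-session token. Only the `SystemCmd` parameter name and the `nvram show` value come from the advisory; the router address, session model and `csrf_token` field are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlparse, parse_qs

# Hypothetical CSRF guard for a router admin handler that accepts a "SystemCmd"
# parameter (name from the advisory). Address, session model and token field
# name are constructed for this example.
ROUTER_HOST = "192.168.1.1"

def issue_csrf_token(session_tokens, session_id):
    """Mint a per-session anti-CSRF token and record it server-side."""
    token = secrets.token_urlsafe(32)
    session_tokens[session_id] = token
    return token

def authorize_system_cmd(request, session_tokens):
    """Return (allowed, reason) for a request carrying SystemCmd.

    Basic Auth is deliberately not treated as proof of intent: browsers attach
    cached credentials to cross-site requests automatically, which is exactly
    what the advisory's GET-based CSRF relies on.
    """
    if request["method"] != "POST":
        return False, "state-changing action must not be reachable via GET"
    hdrs = request["headers"]
    origin = hdrs.get("Origin") or hdrs.get("Referer")
    if not origin:
        return False, "missing Origin/Referer"
    if urlparse(origin).hostname != ROUTER_HOST:
        return False, "cross-site origin: " + origin
    params = parse_qs(request["params"])          # query string or form body
    sent = params.get("csrf_token", [""])[0]
    expected = session_tokens.get(request["session_id"], "")
    if not expected or not hmac.compare_digest(sent, expected):
        return False, "anti-CSRF token missing or invalid"
    if "SystemCmd" not in params:
        return False, "no SystemCmd parameter"
    return True, "ok"

# Constructed sample traffic: the forged cross-site GET the advisory describes
# (command value `nvram show` from the advisory) and a legitimate same-origin POST.
SESSIONS = {}
TOKEN = issue_csrf_token(SESSIONS, "sess-1")
FORGED_GET = {"method": "GET", "session_id": "sess-1",
              "headers": {"Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==",
                          "Referer": "http://third-party.example/"},
              "params": "SystemCmd=nvram+show"}
LEGIT_POST = {"method": "POST", "session_id": "sess-1",
              "headers": {"Origin": "http://" + ROUTER_HOST},
              "params": "SystemCmd=nvram+show&csrf_token=" + TOKEN}
```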