Vulnerability CVE-2023-26602
Published: 2023-02-26

Description:
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution.

See advisories in our WLB2 database:
Topic
Author
Date
High
ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root
d1g
27.02.2023
Low
ASUS ASMB8 iKVM 1.14.51 Remote Code Execution
d1g@segfault
22.04.2025

 References:
https://nwsec.de/NWSSA-002-2023.txt
Copyright 2025, cxsecurity.com

 

Back to Top