What is CVE-2018-14714?

CVE-2018-14714 is a vulnerability in N/a. Published 2019-05-13.

Is CVE-2018-14714 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-14714

System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter.

EPSS: 0.809 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

BTtea/CVE-2018-14714-RCE-exploit
sunn1day/CVE-2018-14714-POC
tin-z/CVE-2018-14714-POC
BreadSquad/TimeInjector
plzheheplztrying/cve_
tin-z/tin-z
0xT11/CVE-POC
BTtea/CVE-2018-14714-RCE_
ediop3SquadALT/TimeInjector

References

blog.securityevaluators.com/asus-routers-overflow-with-vulnerabilities-b111bc1c… (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-14714?: CVE-2018-14714 is a vulnerability in N/a. Published 2019-05-13.
Is CVE-2018-14714 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.