[CVE-2018-5189] Rumble In The Jungo – A Code Execution Walkthrough

Posted by Kurtis on Jan 11

** Advisory Information

Title: [CVE-2018-5189] Rumble In The Jungo – A Code Execution Walkthrough
Blog URL: https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/
Vendor: Jungo
Date Published: 10/01/2017
CVE: CVE-2018-5189

** Vulnerability Summary

Leveraging a race condition/double fetch to trigger a pool overflow
within the Jungo Windriver allowing a local privilage escalation to SYSTEM.

** Vendor Response

Jungo have…

Leave a Reply