ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

Posted on 27 February 2023

ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffers from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account.