admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2018/CVE-2018-1242.md

19 lines
971 B
Markdown
Raw Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2018-1242](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1242)
![](https://img.shields.io/static/v1?label=Product&message=Dell%20EMC%20RecoverPoint%20Virtual%20Machine%20(VM)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Dell%20EMC%20RecoverPoint&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=command%20injection%20vulnerability&color=brighgreen)
### Description
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/bao7uo/dell-emc_recoverpoint
Reference in New Issue Copy Permalink