admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2018/CVE-2018-1185.md

18 lines
1.0 KiB
Markdown
Raw Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2018-1185](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1185)
![](https://img.shields.io/static/v1?label=Product&message=EMC%20RecoverPoint%20for%20Virtual%20Machines%20versions%20prior%20to%205.1.1%2C%20EMC%20RecoverPoint%20version%205.1.0.0%2C%20EMC%20RecoverPoint%20versions%20prior%20to%205.0.1.3&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Command%20injection%20vulnerability&color=brighgreen)
### Description
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges.
### POC
#### Reference
- https://www.exploit-db.com/exploits/44614/
#### Github
- https://github.com/bao7uo/dell-emc_recoverpoint
Reference in New Issue Copy Permalink