cve/CVE-2018-18852.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ping command, as exploited in the wild in October 2018.

POC

Reference

No PoCs from references.

Github

https://github.com/0xT11/CVE-POC
https://github.com/422926799/haq5201314
https://github.com/ARPSyndicate/cvemon
https://github.com/andripwn/CVE-2018-18852
https://github.com/anquanscan/sec-tools
https://github.com/hook-s3c/CVE-2018-18852
https://github.com/jiushill/haq5201314

928 B Raw Blame History

CVE-2018-18852

Description

POC

Reference

Github

928 B

Raw Blame History