admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-06-07 13:36:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2018/CVE-2018-6961.md
0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00

25 lines
1.2 KiB
Markdown
Raw Blame History

### [CVE-2018-6961](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6961)
![](https://img.shields.io/static/v1?label=Product&message=NSX%20SD-WAN%20by%20VeloCloud&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Command%20Injection&color=brighgreen)
### Description
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution.
### POC
#### Reference
- https://www.exploit-db.com/exploits/44959/
- https://www.exploit-db.com/exploits/44959/
#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/bokanrb/CVE-2018-6961
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/r3dxpl0it/CVE-2018-6961
Reference in New Issue View Git Blame Copy Permalink