admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-109xx/CVE-2018-10967.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

153 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-10967",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-05-18T14:29:00.217",
"lastModified": "2024-11-21T03:42:24.650",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution."
},
{
"lang": "es",
"value": "En los dispositivos D-Link DIR-550A y DIR-604M hasta la versi\u00f3n v2.10KR, un usuario malicioso puede falsificar una petici\u00f3n HTTP para inyectar comandos del sistema operativo que pueden ejecutarse en el dispositivo con mayores privilegios. Esto tambi\u00e9n se conoce como ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"baseScore": 9.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"acInsufInfo": true,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-550a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.10kr",
"matchCriteriaId": "7A31BAD0-5EF3-4EE2-A809-555D20BA6998"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-550a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05DF8AB4-B180-4A72-88B1-86C7D79195BD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-604m_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.10kr",
"matchCriteriaId": "3606EB18-F09B-4D5E-BB25-68E51E30E384"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-604m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE4DA1F5-4A48-491E-8763-81D0CAA45B9C"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/zeroday/FG-VD-18-060",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://fortiguard.com/zeroday/FG-VD-18-060",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink