Vulnerability Details CVE-2018-0639
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via tools_firmware.cgi date parameter, time parameter, and offset parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.0%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 9.0
References
Products affected by CVE-2018-0639
-
cpe:2.3:h:nec:aterm_hc100rc:-
-
cpe:2.3:o:nec:aterm_hc100rc_firmware:1.0.1