CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-10967

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.5%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://fortiguard.com/zeroday/FG-VD-18-060
https://fortiguard.com/zeroday/FG-VD-18-060

Products affected by CVE-2018-10967

Dlink » Dir-550a » Version: N/A

cpe:2.3:h:dlink:dir-550a:-
Dlink » Dir-604m » Version: N/A

cpe:2.3:h:dlink:dir-604m:-
D-Link » Dir-550a Firmware » Version: Any

cpe:2.3:o:d-link:dir-550a_firmware:*
D-Link » Dir-604m Firmware » Version: Any

cpe:2.3:o:d-link:dir-604m_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10967

Products

Pricing

Contact Us