Vulnerability Details CVE-2018-1151
The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.263
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2018-1151
-
cpe:2.3:h:westerndigital:tv_live_hub:-
-
cpe:2.3:h:westerndigital:tv_media_player:-
-
cpe:2.3:o:westerndigital:tv_live_hub_firmware:3.12.13
-
cpe:2.3:o:westerndigital:tv_media_player_firmware:1.03.07