CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12312

OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.12

EPSS Ranking 93.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

Products affected by CVE-2018-12312

Asustor » As602t » Version: N/A

cpe:2.3:h:asustor:as602t:-
Asustor » Data Master » Version: 3.1.1

cpe:2.3:o:asustor:data_master:3.1.1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved