CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-15887

Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.078

EPSS Ranking 91.5%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://fakhrizulkifli.github.io/CVE-2018-15887.html
https://fakhrizulkifli.github.io/CVE-2018-15887.html

Products affected by CVE-2018-15887

Asus » Dsl-N12e C1 » Version: N/A

cpe:2.3:h:asus:dsl-n12e_c1:-
Asus » Dsl-N12e C1 Firmware » Version: 1.1.2.3_345

cpe:2.3:o:asus:dsl-n12e_c1_firmware:1.1.2.3_345

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15887

Products

Pricing

Contact Us