CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17170

Grouptime Teamwire Desktop Client 1.5.1 prior to 1.9.0 on Windows allows code injection via a template, leading to remote code execution. All backend versions prior to prod-2018-11-13-15-00-42 are affected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.8%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

References

https://research.hisolutions.com/2019/06/web-vulnerabilities-are-coming-to-the-desktop-template-injections-lead-to-rce-in-teamwire/
https://research.hisolutions.com/2019/06/web-vulnerabilities-are-coming-to-the-desktop-template-injections-lead-to-rce-in-teamwire/

Products affected by CVE-2018-17170

Teamwire » Teamwire » Version: 1.5.1

cpe:2.3:a:teamwire:teamwire:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17170

Products

Pricing

Contact Us