CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17867

The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.9%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

https://wojciechregula.blog/authenticated-rce-in-dasan-routers/
https://wojciechregula.blog/authenticated-rce-in-dasan-routers/

Products affected by CVE-2018-17867

Dasannetworks » H660gw » Version: N/A

cpe:2.3:h:dasannetworks:h660gw:-
Dasannetworks » H660gw Firmware » Version: N/A

cpe:2.3:o:dasannetworks:h660gw_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17867

Products

Pricing

Contact Us