Vulnerability Details CVE-2018-18876
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2018-18876
-
cpe:2.3:h:columbiaweather:weather_microserver:-
-
cpe:2.3:o:columbiaweather:weather_microserver_firmware:ms_2.6.9900