Vulnerability Details CVE-2018-18877
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2018-18877
-
cpe:2.3:h:columbiaweather:weather_microserver:-
-
cpe:2.3:o:columbiaweather:weather_microserver_firmware:ms_2.6.9900