Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2019
CVE-2018-0631
Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.
CVSS Score
7.2
EPSS Score
0.007
Published
2019-01-09
CVE-2018-0632
Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via HTTP request and response.
CVSS Score
7.2
EPSS Score
0.017
Published
2019-01-09
CVE-2018-0633
Buffer overflow in Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary code via submit-url parameter.
CVSS Score
7.2
EPSS Score
0.017
Published
2019-01-09
CVE-2018-0634
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.
CVSS Score
7.2
EPSS Score
0.006
Published
2019-01-09
CVE-2018-0635
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.
CVSS Score
7.2
EPSS Score
0.006
Published
2019-01-09
CVE-2018-0636
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.
CVSS Score
7.2
EPSS Score
0.006
Published
2019-01-09
CVE-2018-0637
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.
CVSS Score
7.2
EPSS Score
0.007
Published
2019-01-09
CVE-2018-6174
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.02
Published
2019-01-09
CVE-2018-6175
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVSS Score
6.5
EPSS Score
0.01
Published
2019-01-09
CVE-2018-6178
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.
CVSS Score
4.3
EPSS Score
0.005
Published
2019-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved