Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2018
CVE-2018-20577
Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewall_SPI.exe, cgi-bin/setup_remote_mgmt.exe, cgi-bin/setup_pass.exe, and cgi-bin/upgradep.exe CSRF. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2.
CVSS Score
9.1
EPSS Score
0.001
Published
2018-12-28
CVE-2018-5204
ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
CVSS Score
9.8
EPSS Score
0.02
Published
2018-12-28
CVE-2018-7366
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up to V1.1.7 and the MGTV versions up to V1.4.6 have an authentication bypass vulnerability, which may allows an unauthorized user to perform unauthorized operations.
CVSS Score
4.3
EPSS Score
0.0
Published
2018-12-28
CVE-2018-20549
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-12-28
CVE-2018-20551
A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-12-28
CVE-2018-20552
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-12-28
CVE-2018-20553
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-12-28
CVE-2018-20557
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the page_name parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-28
CVE-2018-20558
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the site_name parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-28
CVE-2018-20559
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved