CVE-2018-14839

Опубликовано: 14 мая 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Критический

Описание

LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with parameters.

Ссылки

https://medium.com/%400x616163/lg-n1a1-unauthenticated-remote-command-injection-cve-2018-14839-9d2cf760e247
Exploit
Third Party Advisory
https://medium.com/%400x616163/lg-n1a1-unauthenticated-remote-command-injection-cve-2018-14839-9d2cf760e247
Exploit
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14839
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:lg:n1a1_firmware:3718.510:*:*:*:*:*:*:*

cpe:2.3:h:lg:n1a1:-:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.90301

Критический

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-9h95-rv82-cwrc