CVE-2018-5234

Опубликовано: 30 апр. 2018

Источник: nvd

CVSS3: 8

CVSS2: 8.3

EPSS Средний

Описание

The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.

Ссылки

http://www.securityfocus.com/bid/103955
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/44574/
Exploit
Third Party Advisory
VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20180430_00
Vendor Advisory
http://www.securityfocus.com/bid/103955
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/44574/
Exploit
Third Party Advisory
VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20180430_00
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:symantec:norton_core_firmware:*:*:*:*:*:*:*:*

Версия до 237 (исключая)

cpe:2.3:h:symantec:norton_core:-:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.18694

Средний

8 High

CVSS3

8.3 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-f53h-49xr-7j8w