Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2018-1207

🗓️ 23 Mar 2018 14:00:00Reported by dellType 
cve
 cve🔗 web.nvd.nist.gov👁 156 Views🌐 WEB

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, CGI injection vulnerability

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Circl		CVE-2018-1207
17 Apr 202521:02
circl
CNVD		Dell EMC iDRAC7 and iDRAC8 Code Execution Vulnerabilities
27 Mar 201800:00
cnvd
Cvelist		CVE-2018-1207
23 Mar 201814:00
cvelist
Tenable Nessus		Dell iDRAC Products Multiple Vulnerabilities (Mar 2018)
20 Apr 201800:00
nessus
Tenable Nessus		Dell EMC Code Injection (CVE-2018-1207)
17 Jan 202400:00
nessus
Exploit DB		Dell EMC iDRAC7/iDRAC8 2.52.52.52 - Remote Code Execution (RCE)
16 Apr 202500:00
exploitdb
canvas		Immunity Canvas: IDRAC_APPWEB_RCE
23 Mar 201814:29
canvas
Nuclei		Dell iDRAC7/8 Devices - Remote Code Injection
25 Jun 202601:31
nuclei
NVD		CVE-2018-1207
23 Mar 201814:29
nvd
OSV		CVE-2018-1207
23 Mar 201814:29
osv
Rows per page
NVD
Node
dellemc_idrac7Range<2.52.52.52
OR
dellemc_idrac8Range<2.52.52.52
ParameterPositionPathDescriptionCWE
LD_DEBUGquery paramcgi-bin/login?LD_DEBUG=filesVulnerability check endpoint using LD_DEBUG to reveal vulnerable CGI pathCWE-94
binary payloadupload datacgi-bin/putfileUpload of a shared library/exploit via CGI injection vulnerability to achieve RCECWE-94
LD_PRELOADquery paramcgi-bin/discover?LD_PRELOAD=/tmp/sshpkauthupload.tmpTrigger remote code execution by LD_PRELOAD manipulationCWE-94

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 01:50Current
9.6High risk
Vulners AI Score9.6
CVSS 27.5
CVSS 39.8
EPSS0.9079
CWE-94
dellemcidrac7idrac8cgi injectionvulnerabilityremote code executionnvdcve-2018-1207
156