CVE-2018-15887

2018-08-27T15:29:00
ID CVE-2018-15887
Type cve
Reporter cve@mitre.org
Modified 2018-11-05T19:10:00

Description

Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request.