Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2018-16752

🗓️ 20 Sep 2018 20:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 47 Views🌐 WEB

LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
CNVD		LW-N605R Remote Code Execution Vulnerability
12 Sep 201800:00
cnvd
Cvelist		CVE-2018-16752
20 Sep 201820:00
cvelist
NVD		CVE-2018-16752
20 Sep 201820:29
nvd
OSV		CVE-2018-16752
20 Sep 201820:29
osv
Packet Storm		LW-N605R Remote Code Execution
10 Sep 201800:00
packetstorm
Prion		Default credentials
20 Sep 201820:29
prion
VulnCheck KEV		VulnCheck KEV: CVE-2018-16752
3 Jan 202400:00
vulncheck_kev
NVD
Node
linknet-usalw-n605r_firmwareMatch12.20.2.1486
AND
linknet-usalw-n605rMatch-
ParameterPositionPathDescriptionCWE
HOSTpathadm/systools.aspRemote Code Execution via shell metacharacters in the HOST field of the ping featureCWE-1188CWE-78
toolquery paramgoform/sysToolsPOC demonstrates exploitation by injecting a shell command in the host parameter used by the ping toolCWE-1188CWE-78
pingCountquery paramgoform/sysToolsPOC demonstrates exploitation by injecting a shell command in the host parameter used by the ping toolCWE-1188CWE-78
hostquery paramgoform/sysToolsPOC demonstrates exploitation by injecting a shell command in the host parameter used by the ping toolCWE-1188CWE-78
sumbitquery paramgoform/sysToolsPOC demonstrates exploitation by injecting a shell command in the host parameter used by the ping toolCWE-1188CWE-78

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 01:44Current
9.1High risk
Vulners AI Score9.1
CVSS 38.8
CVSS 29
EPSS0.42657
CWE-1188CWE-78
cve-2018-16752link-net lw-n605rfirmware 12.20.2.1486remote code executionshell metacharactersping featureadm/systools.aspauthenticationdefault passwordadmin account
47