CVE-2018-17867

2018-10-0123:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.4%

JSON

The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field).

References

wojciechregula.blog/authenticated-rce-in-dasan-routers/