Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:39 a.m.10 views

CVE-2017-18378

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $GET'uploaddir' is not escaped and is passed to system through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...

9.8CVSS7.1AI score0.0817EPSS
Exploits1References1
Circl
Circl
added 2019/06/12 12:30 a.m.19 views

CVE-2017-18378

creationtimestamp| type| source ---|---|--- 2019-06-12 00:30:25+00:00| seen| https://t.me/cibsecurity/4847 2024-12-21 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-21 2024-12-23 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities -...

9.8CVSS7.2AI score0.0817EPSS
In wildExploits1References4
Cvelist
Cvelist
added 2019/06/11 8:44 p.m.24 views

CVE-2017-18378

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $GET'uploaddir' is not escaped and is passed to system through $tmpuploaddir, leading to upgradehandle.php?cmd=writeuploaddir remote command execution...

8.4CVSS9.7AI score0.0817EPSS
Exploits1References2
CVE
CVE
added 2019/06/11 8:44 p.m.102 views

CVE-2017-18378

The CVE-2017-18378 vulnerability affects NETGEAR ReadyNAS Surveillance prior to 1.4.3-17 (x86) and 1.1.4-7 (ARM). The issue is a failure to escape $_GET['uploaddir'], which is passed to system() via $tmp_upload_dir, enabling remote command execution via upgrade_handle.php?cmd=writeuploaddir. Publ...

9.8CVSS9.5AI score0.0817EPSS
In wildExploits1References2Affected Software1
Rows per page
Query Builder