3 matches found
CVE-2018-18852
Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ping command, as exploited in the wild in October 2018...
CVE-2018-18852
creationtimestamp| type| source ---|---|--- 2024-12-27 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-27 2025-01-05 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-05 2025-01-07 00:00:00+00:00| seen| The Shadowserver...
CVE-2018-18852
Cerio DT-300N devices, version 1.1.6–1.1.12, are affected by an OS command injection due to improper input validation in the web-interface PING feature (Save.cgi). The issue allows execution of arbitrary commands on the device; exploitation was observed in the wild in October 2018. CVSS details p...