Lucene search
K

4 matches found

NVD
NVD
added 2018/09/28 8:29 p.m.13 views

CVE-2018-9075

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user...

9.3CVSS8.5AI score0.04079EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/09/28 8:29 p.m.3 views

CVE-2018-9075

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user...

9.3CVSS5.8AI score0.04079EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2018/09/28 8:29 p.m.15 views

Command injection

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user...

9.3CVSS8.4AI score0.04079EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/09/28 8:0 p.m.18 views

CVE-2018-9075 Iomega and LenovoEMC NAS Web UI Vulnerabilities

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user...

8.5AI score0.04079EPSS
Exploits0References1
Rows per page
Query Builder