CVE-2018-0625: OS Command Injection
First published: Wed Jan 09 2019(Updated: )
Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nec Aterm Wg1200hp Firmware | <=1.0.31 | |
| Nec Aterm Wg1200hp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-0625?
CVE-2018-0625 is a vulnerability in Aterm WG1200HP firmware Ver1.0.31 and earlier that allows an attacker with administrator rights to execute arbitrary OS commands.
How severe is CVE-2018-0625?
CVE-2018-0625 has a severity rating of 7.2 (Critical).
How does CVE-2018-0625 affect the Aterm WG1200HP firmware?
CVE-2018-0625 affects Aterm WG1200HP firmware Ver1.0.31 and earlier by allowing an attacker with administrator rights to execute arbitrary OS commands via the formSysCmd parameter.
Is the Nec Aterm Wg1200hp firmware vulnerable to CVE-2018-0625?
The Nec Aterm Wg1200hp firmware is vulnerable to CVE-2018-0625 if it is running Ver1.0.31 or earlier.
How can I fix CVE-2018-0625?
To fix CVE-2018-0625, it is recommended to update the Aterm WG1200HP firmware to a version later than Ver1.0.31.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/nec
- canonical/nec aterm wg1200hp firmware
- version/nec aterm wg1200hp firmware/1.0.31
- canonical/nec aterm wg1200hp