What is the severity of CVE-2018-1151?

CVE-2018-1151 is classified as a critical vulnerability that allows remote code execution.

How do I fix CVE-2018-1151?

To mitigate CVE-2018-1151, apply the latest firmware updates provided by Western Digital for the affected devices.

What are the affected software versions for CVE-2018-1151?

CVE-2018-1151 affects Western Digital TV Media Player firmware version 1.03.07 and TV Live Hub firmware version 3.12.13.

Can CVE-2018-1151 be exploited remotely?

Yes, CVE-2018-1151 can be exploited by unauthenticated remote attackers through crafted HTTP requests.

What impact does CVE-2018-1151 have on affected devices?

CVE-2018-1151 can lead to arbitrary code execution or denial of service on the vulnerable devices.

Vulnerability/
CVE-2018-1151

critical

CWE

119

12/6/2018

17/9/2024

CVE-2018-1151: Buffer Overflow

First published: Tue Jun 12 2018(Updated: )

The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.

Credit: vulnreport@tenable.com

Affected Software	Affected Version	How to fix
Westerndigital Tv Live Hub Firmware	=3.12.13
Westerndigital Tv Live Hub
Westerndigital Tv Media Player Firmware	=1.03.07
Westerndigital Tv Media Player

Never miss a vulnerability like this again

Reference Links

https://www.tenable.com/security/research/tra-2018-14

Frequently Asked Questions

What is the severity of CVE-2018-1151?
CVE-2018-1151 is classified as a critical vulnerability that allows remote code execution.
How do I fix CVE-2018-1151?
To mitigate CVE-2018-1151, apply the latest firmware updates provided by Western Digital for the affected devices.
What are the affected software versions for CVE-2018-1151?
CVE-2018-1151 affects Western Digital TV Media Player firmware version 1.03.07 and TV Live Hub firmware version 3.12.13.
Can CVE-2018-1151 be exploited remotely?
Yes, CVE-2018-1151 can be exploited by unauthenticated remote attackers through crafted HTTP requests.
What impact does CVE-2018-1151 have on affected devices?
CVE-2018-1151 can lead to arbitrary code execution or denial of service on the vulnerable devices.

collector/nvd-index
agent/type
agent/softwarecombine
agent/weakness
agent/severity
agent/references
agent/author
agent/tags
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
vendor/westerndigital
canonical/westerndigital tv live hub firmware
version/westerndigital tv live hub firmware/3.12.13
canonical/westerndigital tv live hub
canonical/westerndigital tv media player firmware
version/westerndigital tv media player firmware/1.03.07
canonical/westerndigital tv media player

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2018-1151?
CVE-2018-1151 is classified as a critical vulnerability that allows remote code execution.
How do I fix CVE-2018-1151?
To mitigate CVE-2018-1151, apply the latest firmware updates provided by Western Digital for the affected devices.
What are the affected software versions for CVE-2018-1151?
CVE-2018-1151 affects Western Digital TV Media Player firmware version 1.03.07 and TV Live Hub firmware version 3.12.13.
Can CVE-2018-1151 be exploited remotely?
Yes, CVE-2018-1151 can be exploited by unauthenticated remote attackers through crafted HTTP requests.
What impact does CVE-2018-1151 have on affected devices?
CVE-2018-1151 can lead to arbitrary code execution or denial of service on the vulnerable devices.