CVE-2018-19612: Malicious File Upload
First published: Fri May 24 2019(Updated: )
The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Westermo Dr-250 Firmware | ||
| Westermo DR-250 | ||
| Westermo Dr-260 Firmware | ||
| Westermo Dr-260 | ||
| Westermo Mr-260 Firmware | ||
| Westermo Mr-260 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-19612?
CVE-2018-19612 is a vulnerability in the /uploadfile? functionality of Westermo DR-250 and DR-260 routers that allows remote users to upload malicious files and execute ASP code.
How severe is CVE-2018-19612?
CVE-2018-19612 has a severity rating of 8.8, which is considered high.
Which software versions are affected by CVE-2018-19612?
The affected software versions include Westermo DR-250 Pre-5162 firmware, Westermo DR-260 Pre-5162 firmware, and Westermo MR-260 firmware.
How can I fix CVE-2018-19612?
To fix CVE-2018-19612, it is recommended to update to the latest firmware version provided by Westermo.
Where can I find more information about CVE-2018-19612?
More information about CVE-2018-19612 can be found at the GitHub link: https://github.com/TheWickerMan/CVE-Disclosures/blob/master/CVE-2018-19612.md
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/westermo
- canonical/westermo dr-250 firmware
- canonical/westermo dr-250
- canonical/westermo dr-260 firmware
- canonical/westermo dr-260
- canonical/westermo mr-260 firmware
- canonical/westermo mr-260