CVE-2018-9076: Iomega and LenovoEMC NAS Web UI Vulnerabilities
First published: Fri Sep 28 2018(Updated: )
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "``" characters in the name parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter.
Credit: psirt@lenovo.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Lenovo LenovoEMC firmware | <=4.1.402.34662 | |
| Lenovo Iomega ez media \& backup center | ||
| Lenovo Iomega storcenter ix2 | ||
| Lenovo Iomega storcenter ix2-dl | ||
| Lenovo EMC ix4-300d | ||
| Lenovo EMC px12-400r IVX | ||
| Lenovo EMC px12-450r | ||
| Lenovo Iomega storcenter px2-300d | ||
| Lenovo Iomega storcenter px4-300d | ||
| Lenovo Iomega storcenter px4-300r | ||
| Lenovo Iomega storcenter px6-300d | ||
| Lenovo Lenovo ez media \& backup center | ||
| Lenovo EMC ix2/ix2-dl | ||
| Lenovo EMC ix4-300d | ||
| Lenovo LenovoEMC px12-400r | ||
| Lenovo LenovoEMC px12-450r | ||
| Lenovo EMC px2-300d | ||
| Lenovo EMC px4-300d | ||
| Lenovo EMC px4-300r | ||
| Lenovo EMC px4-400d | ||
| Lenovo EMC px4-400r | ||
| Lenovo EMC px6-300d |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/lenovo
- canonical/lenovo lenovoemc firmware
- version/lenovo lenovoemc firmware/4.1.402.34662
- canonical/lenovo iomega ez media \& backup center
- canonical/lenovo iomega storcenter ix2
- canonical/lenovo iomega storcenter ix2-dl
- canonical/lenovo emc ix4-300d
- canonical/lenovo emc px12-400r ivx
- canonical/lenovo emc px12-450r
- canonical/lenovo iomega storcenter px2-300d
- canonical/lenovo iomega storcenter px4-300d
- canonical/lenovo iomega storcenter px4-300r
- canonical/lenovo iomega storcenter px6-300d
- canonical/lenovo lenovo ez media \& backup center
- canonical/lenovo emc ix2/ix2-dl
- canonical/lenovo lenovoemc px12-400r
- canonical/lenovo lenovoemc px12-450r
- canonical/lenovo emc px2-300d
- canonical/lenovo emc px4-300d
- canonical/lenovo emc px4-300r
- canonical/lenovo emc px4-400d
- canonical/lenovo emc px4-400r
- canonical/lenovo emc px6-300d