Unrated severityNVD Advisory· Published May 2, 2018· Updated Aug 5, 2024

CVE-2018-10577

Description

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files to be executed as root.

Affected products

WatchGuard/AP100llm-create
Range: <1.2.9.15
WatchGuard/AP102llm-create
Range: <1.2.9.15
WatchGuard/AP200llm-create
Range: <1.2.9.15
WatchGuard/AP300llm-create
Range: <2.0.0.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/45409/mitreexploitx_refsource_EXPLOIT-DB
seclists.org/fulldisclosure/2018/May/12mitremailing-listx_refsource_FULLDISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000