High severity7.5NVD Advisory· Published May 17, 2018· Updated Jun 17, 2026
CVE-2018-1111
CVE-2018-1111
Description
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Fedora/dhcpv5Range: Fedora 28
- Red Hat/dhcpv5Range: Red Hat Enterprise Linux 6
Patches
Vulnerability mechanics
References
21- www.exploit-db.com/exploits/44652/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/44890/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/104195nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040912nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2018:1453nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1454nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1455nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1456nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1457nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1458nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1459nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1460nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1461nvdVendor Advisory
- access.redhat.com/errata/RHSA-2018:1524nvdVendor Advisory
- access.redhat.com/security/vulnerabilities/3442151nvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
- help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/nvd
- www.tenable.com/security/tns-2018-10nvd
News mentions
0No linked articles in our index yet.