VYPR
High severity7.5NVD Advisory· Published May 17, 2018· Updated Jun 17, 2026

CVE-2018-1111

CVE-2018-1111

Description

DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Red Hat/dhcpllm-create
  • Fedora/dhcpv5
    Range: Fedora 28
  • Red Hat/dhcpv5
    Range: Red Hat Enterprise Linux 6

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.