Critical severity9.8NVD Advisory· Published Aug 8, 2018· Updated Jun 17, 2026
CVE-2018-15137
CVE-2018-15137
Description
CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to upload arbitrary files by utilizing the PUT method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/safakaslan/CelaLinkCLRM20/issues/1nvdThird Party Advisory
- www.exploit-db.com/exploits/45021/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.