Unrated severityNVD Advisory· Published Jun 18, 2019· Updated Aug 5, 2024

CVE-2018-18852

Description

Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ping command, as exploited in the wild in October 2018.

Affected products

Cerio/DT-300Ndescription
Cerio/DT-300Nllm-create
Range: >=1.1.6, <=1.1.12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.fortiguard.com/zeroday/FG-VD-18-149mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.057
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000