Unrated severityNVD Advisory· Published Jun 18, 2019· Updated Aug 5, 2024
CVE-2018-18879
CVE-2018-18879
Description
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Columbia Weather/MicroServerdescription
- Range: = MS_2.6.9900
Patches
Vulnerability mechanics
References
2- applied-risk.com/labs/advisoriesmitrex_refsource_MISC
- ics-cert.us-cert.gov/advisories/ICSA-19-078-02mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.