What is CVE-2018-1207?

CVE-2018-1207 is a vulnerability in N/a. Published 2018-03-23.

Is CVE-2018-1207 known to be exploited?

19 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-1207

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.

EPSS: 0.938 (99.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

mgargiullo/cve-2018-1207
hironull/CVE-2018-1207-better
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
Elsfa7-110/kenzer-templates
KingPlayzOp1/cve
SYNKTeam/CVE-2018-1207
chnzzh/iDRAC-CVE-lib
gnarkill78/CSA_

References

en.community.dell.com/techcenter/extras/m/white_papers/20485410 (x_refsource_MISC)
twitter.com/nicowaisman/status/977279766792466432 (x_refsource_MISC)
103694 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-1207?: CVE-2018-1207 is a vulnerability in N/a. Published 2018-03-23.
Is CVE-2018-1207 known to be exploited?: 19 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.