What is CVE-2018-1235?

CVE-2018-1235 is a vulnerability in Dell Emc Recoverpoint. Published 2018-05-29.

Is CVE-2018-1235 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Dell Emc Recoverpoint

CVE-2018-1235

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary…

EPSS: 0.517 (98.0th percentile) — read the EPSS interpretation.

Affected products

Dell Emc Recoverpoint — versions unspecified
Dell Emc Recoverpoint Virtual Machine (Vm) — versions unspecified

Public proof-of-concept exploits

AbsoZed/CVE-2018-1235
0xT11/CVE-POC
ARPSyndicate/cve-scores
bao7uo/dell-emc_
developer3000S/PoC-in-GitHub
hectorgie/PoC-in-GitHub

References

20180522 DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities (mailing-list, x_refsource_FULLDISC)
44920 (exploit, x_refsource_EXPLOIT-DB)
104246 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2018-1235?: CVE-2018-1235 is a vulnerability in Dell Emc Recoverpoint. Published 2018-05-29.
Is CVE-2018-1235 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.