What is CVE-2018-15745?

CVE-2018-15745 is a vulnerability in N/a. Published 2018-08-30.

Is CVE-2018-15745 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-15745

Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.

EPSS: 0.879 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Jasurbek-Masimov/CVE-2018-15745
rapid7/metasploit-framework
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
Mr-Tree-S/POC_
plzheheplztrying/cve_

References

45296 (exploit, x_refsource_EXPLOIT-DB)
packetstormsecurity.com/files/149134/Argus-Surveillance-DVR-4.0.0.0-Directory-T… (x_refsource_MISC)
hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-P… (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-15745?: CVE-2018-15745 is a vulnerability in N/a. Published 2018-08-30.
Is CVE-2018-15745 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.