Vulnerability in Jpcert Coordination Center Logontracer
CVE-2018-16167
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
EPSS: 0.870 (99.5th percentile) — read the EPSS interpretation.
Affected products
- Jpcert Coordination Center Logontracer — versions 1.2.0 and earlier
Public proof-of-concept exploits
References
- github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.1 (x_refsource_MISC)
- jvn.jp/en/vu/JVNVU98026636/index.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2018-16167?
- CVE-2018-16167 is a vulnerability in Jpcert Coordination Center Logontracer. Published 2019-01-09.
- Is CVE-2018-16167 known to be exploited?
- 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.