What is CVE-2018-18852?

CVE-2018-18852 is a vulnerability in N/a. Published 2019-06-18.

Is CVE-2018-18852 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-18852

Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ping command, as exploited in the wild in October 2018.

EPSS: 0.708 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

hook-s3c/CVE-2018-18852
andripwn/CVE-2018-18852
0xT11/CVE-POC
422926799/haq5201314
ARPSyndicate/cvemon
anquanscan/sec-tools
jiushill/haq5201314

References

www.fortiguard.com/zeroday/FG-VD-18-149 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-18852?: CVE-2018-18852 is a vulnerability in N/a. Published 2019-06-18.
Is CVE-2018-18852 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.