Vulnerability in N/a
CVE-2018-6892
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This wi…
EPSS: 0.897 (99.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
- latortuga71/CVE-2018-6892-Golang
- crypticq/CLOUDME_B0F
- manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass
- manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass
- rapid7/metasploit-framework
- m4ttless/CVE-Exploits
- 0xT11/CVE-POC
- ARPSyndicate/cvemon
- hectorgie/PoC-in-GitHub
- hsteigerFR/Cybersecurity-ROPChain
References
- 44175 (exploit, x_refsource_EXPLOIT-DB)
- blogs.securiteam.com/index.php/archives/3669 (x_refsource_MISC)
- hyp3rlinx.altervista.org/advisories/CLOUDME-SYNC-UNAUTHENTICATED-REMOTE-BUFFER-… (x_refsource_MISC)
- 46250 (exploit, x_refsource_EXPLOIT-DB)
- 45197 (exploit, x_refsource_EXPLOIT-DB)
- 44027 (exploit, x_refsource_EXPLOIT-DB)
- packetstormsecurity.com/files/157407/CloudMe-1.11.2-Buffer-Overflow.html (x_refsource_MISC)
- packetstormsecurity.com/files/158716/CloudMe-1.11.2-SEH-Buffer-Overflow.html (x_refsource_MISC)
- packetstormsecurity.com/files/159327/CloudMe-1.11.2-Buffer-Overflow.html (x_refsource_MISC)
- 48840 (exploit, x_refsource_EXPLOIT-DB)
Frequently asked questions
- What is CVE-2018-6892?
- CVE-2018-6892 is a vulnerability in N/a. Published 2018-02-11.
- Is CVE-2018-6892 known to be exploited?
- 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.