CVE-2018-19031
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.
Se presenta una vulnerabilidad de inyección de comando cuando el usuario autorizado pasa el parámetro diseñado hacia el proceso en segundo plano en el enrutador. Esto afecta a los productos de la serie de enrutadores 360 (360 Safe Router P0, P1, P2, P3, P4), la versión afectada es V2.0.61.58897.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-11-06 CVE Reserved
- 2019-11-04 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.360.cn/News/news/id/188.html | 2020-08-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| 360 Search vendor "360" | Safe Router P0 Firmware Search vendor "360" for product "Safe Router P0 Firmware" | 2.0.61.58897 Search vendor "360" for product "Safe Router P0 Firmware" and version "2.0.61.58897" | - |
Affected
| in | 360 Search vendor "360" | Safe Router P0 Search vendor "360" for product "Safe Router P0" | - | - |
Safe
|
| 360 Search vendor "360" | Safe Router P1 Firmware Search vendor "360" for product "Safe Router P1 Firmware" | 2.0.61.58897 Search vendor "360" for product "Safe Router P1 Firmware" and version "2.0.61.58897" | - |
Affected
| in | 360 Search vendor "360" | Safe Router P1 Search vendor "360" for product "Safe Router P1" | - | - |
Safe
|
| 360 Search vendor "360" | Safe Router P2 Firmware Search vendor "360" for product "Safe Router P2 Firmware" | 2.0.61.58897 Search vendor "360" for product "Safe Router P2 Firmware" and version "2.0.61.58897" | - |
Affected
| in | 360 Search vendor "360" | Safe Router P2 Search vendor "360" for product "Safe Router P2" | - | - |
Safe
|
| 360 Search vendor "360" | Safe Router P3 Firmware Search vendor "360" for product "Safe Router P3 Firmware" | 2.0.61.58897 Search vendor "360" for product "Safe Router P3 Firmware" and version "2.0.61.58897" | - |
Affected
| in | 360 Search vendor "360" | Safe Router P3 Search vendor "360" for product "Safe Router P3" | - | - |
Safe
|
| 360 Search vendor "360" | Safe Router P4 Firmware Search vendor "360" for product "Safe Router P4 Firmware" | 2.0.61.58897 Search vendor "360" for product "Safe Router P4 Firmware" and version "2.0.61.58897" | - |
Affected
| in | 360 Search vendor "360" | Safe Router P4 Search vendor "360" for product "Safe Router P4" | - | - |
Safe
|