CVE-2018-25146

Exploit

EPSS 0.05%
Veröffentlicht 24.12.2025 19:27:50
Zuletzt bearbeitet 02.02.2026 16:16:13
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microhardcorp ≫ Ipn4g Firmware Version1.1.0 Updatebuild1098

Microhardcorp ≫ Ipn4g Version-

Microhardcorp ≫ Ipn3gb Firmware Version2.2.0 Updatebuild2160

Microhardcorp ≫ Ipn3gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.6 Updatebuild1184-14

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.0 Updaterev2_build1090-2

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.0 Updaterev2_build1086

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Bullet-3g Firmware Version1.2.0 Updatereva_build1032

Microhardcorp ≫ Bullet-3g Version-

Microhardcorp ≫ Vip4gb Firmware Version1.1.6 Updatebuild_1204

Microhardcorp ≫ Vip4gb Version-

Microhardcorp ≫ Vip4gb Firmware Version1.1.6 Updaterev3_build1184-14

Microhardcorp ≫ Vip4gb Version-

Microhardcorp ≫ Vip4gb Wifi-n Firmware Version1.1.6 Updaterev2_build1196

Microhardcorp ≫ Vip4gb Wifi-n Version-

Microhardcorp ≫ Bullet-3g Firmware Version1.2.0 Updatebuild1076

Microhardcorp ≫ Bullet-3g Version-

Microhardcorp ≫ Bullet-lte Firmware Version1.2.0 Updatebuild1078

Microhardcorp ≫ Bullet-lte Version-

Microhardcorp ≫ Ipn3gii Firmware Version1.2.0 Updatebuild1076

Microhardcorp ≫ Ipn3gii Version-

Microhardcorp ≫ Ipn4gii Firmware Version1.2.0 Updatebuild1078

Microhardcorp ≫ Ipn4gii Version-

Microhardcorp ≫ Bulletplus Firmware Version1.3.0 Updatebuild1036

Microhardcorp ≫ Bulletplus Version-

Microhardcorp ≫ Dragon-lte Firmware Version1.1.0 Updatebuild1036

Microhardcorp ≫ Dragon-lte Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.159

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
disclosure@vulncheck.com	7.1	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvd@nist.gov	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

http://www.microhardcorp.com

Product

https://www.exploit-db.com/exploits/45035

Exploit

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5481.php

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2018-25146

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-25146

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-25146

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-25146