Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2018-18319
- EPSS 13.28%
- Veröffentlicht 15.10.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:42
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the ...
9.8
CVE-2018-18320
- EPSS 13.28%
- Veröffentlicht 15.10.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:42
An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intra...
1