CVE-2018-17431
CVE-2018-17431
Vexday Risk Score
82Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Popular PoC on GitHub (2 stars) — exploitation code widely available.
CVSS —EPSS 83.9%KEV nãoPoC públicaNuclei simMetasploit —Patch —
Lifecycle
08 Dec 2018Public PoC
29 Jan 2019Published on NVD
Recommendation: Patch as soon as possible — active exploitation confirmed.
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.
Affected products
n/a · n/apublic PoCs found — 5
githubgithub.com/Fadavvi/CVE-2018-17431-PoC★ 2githubgithub.com/sanan2004/CVE-2018-17431-Comodo★ 0cve_referencepacketstormsecurity.com/files/159246/Comodo-Unified-Threat-Management-Web-Console-2.7.0-Remote-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48825unverifiedvulncheckvulncheck.com/xdb/344483d07f18unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/159246/Comodo-Unified-Threat-Management-Web-Console-2.7.0-Remote-Code-Execution.htmlhttps://drive.google.com/file/d/0BzFJhNQNHcoTbndsUmNjVWNGYWNJaWxYcWNyS2ZDajluTDFz/viewhttps://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437