← back
CVE-2018-17936

CVE-2018-17936

EPSS 15.3%CWE-434
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 15.3%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
11 Oct 2018Metasploit module available
27 Nov 2018Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution.
Affected products
n/a · NUUO CMS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02