← back
CVE-2018-8284

CVE-2018-8284

EPSS 42.9%
Vexday Risk Score
15Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 42.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Jul 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
Affected products
Microsoft · Microsoft .NET Framework

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284http://www.securityfocus.com/bid/104667http://www.securitytracker.com/id/1041257