← volver
CVE-2018-12909

CVE-2018-12909

EPSS 18.6%
Vexday Risk Score
23Bajo
Decisión SSVC (CISA)
Attend
PoC disponible → seguir de cerca
Madurez del exploit
Exploit funcional
Exploit automatizable disponible (Nuclei/Metasploit).
CVSS EPSS 18.6%KEV nãoPoC Nuclei simMetasploit Patch
Ciclo de vida
27 jun 2018Publicada en NVD
Recomendación: Planificar corrección próxima — ya existe PoC pública.
Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a "publicly accessible environment.
Productos afectados
n/a · n/a