1. Home
  2. CVE Database
  3. CVE-2018-19031
HIGH · 8.8

CVE-2018-19031

A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4)...

Vulnerability Description

A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
360Safe Router P0 Firmware2.0.61.58897
360Safe Router P0-
360Safe Router P1 Firmware2.0.61.58897
360Safe Router P1-
360Safe Router P2 Firmware2.0.61.58897
360Safe Router P2-
360Safe Router P3 Firmware2.0.61.58897
360Safe Router P3-
360Safe Router P4 Firmware2.0.61.58897
360Safe Router P4-

Related Weaknesses (CWE)

CWE-77

References

FAQ

What is CVE-2018-19031?

CVE-2018-19031 is a vulnerability with a CVSS score of 8.8 (HIGH). A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4)...

How severe is CVE-2018-19031?

CVE-2018-19031 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-19031?

Check the references section above for vendor advisories and patch information. Affected products include: 360 Safe Router P0 Firmware, 360 Safe Router P0, 360 Safe Router P1 Firmware, 360 Safe Router P1, 360 Safe Router P2 Firmware.