Vulnerability Description
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. The login form passes user input directly to a shell command without any escaping or validation in the file /usr/share/www/check.lp. An attacker can perform command injection through the "password" parameter of the login form. Because the injection sits in the login handler itself, it is reachable without valid credentials: the value is used before any authentication decision is made.
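As an added illustration (this is not code from the advisory, from the zxsecurity write-up, or from Teracue's firmware), the following Python models the flaw class described above: a login handler that interpolates the submitted "password" field into a shell command line, beside a handler that passes the same field as a single argv element with no shell involved. The command name `check_login`, the form field names and the request body are assumptions made for the example.

```python
"""Added example of the command-injection pattern described in the advisory.
Not the device's code: check_login, the field names and SAMPLE_BODY are
assumptions for illustration."""
import json
import shlex
import subprocess
import sys
from urllib.parse import parse_qs

# Constructed form body for the example. The password decodes to   x'; id ; '
# which is a generic quote-break plus command-separator test, not a payload
# taken from any advisory.
SAMPLE_BODY = "user=admin&password=x%27%3B+id+%3B+%27"


def parse_login(form_body):
    """Return (user, password) from a URL-encoded POST body."""
    fields = parse_qs(form_body, keep_blank_values=True)
    return fields.get("user", [""])[0], fields.get("password", [""])[0]


def vulnerable_command(form_body):
    """The unsafe pattern: raw field values pasted into a command string that
    the handler would then hand to a shell (os.popen / io.popen style).
    Returned as a string here rather than executed."""
    user, password = parse_login(form_body)
    return f"check_login '{user}' '{password}'"


def shell_words(command):
    """Tokenise a command line the way a POSIX shell would, with ';' and the
    other separator characters split out as their own tokens."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    return list(lexer)


def injected_commands(form_body):
    """Words that follow a ';' separator in the vulnerable command line, i.e.
    whatever the attacker got the shell to run in addition to check_login."""
    extra, after_sep = [], False
    for word in shell_words(vulnerable_command(form_body)):
        if word == ";":
            after_sep = True
        elif after_sep and word:
            extra.append(word)
    return extra


def hardened_argv(form_body):
    """The safe pattern: an argv list with each field as exactly one element,
    to be executed with shell=False so metacharacters carry no meaning."""
    user, password = parse_login(form_body)
    return ["check_login", user, password]


def run_hardened(form_body):
    """Execute the safe pattern. `sys.executable -c` stands in for the real
    check_login binary so the example runs anywhere; the stub just echoes its
    argv, showing that the whole password (quotes, ';' and all) arrives as
    one argument instead of being interpreted."""
    argv = hardened_argv(form_body)
    stub = "import json, sys; print(json.dumps(sys.argv[1:]))"
    proc = subprocess.run([sys.executable, "-c", stub, *argv[1:]],
                          capture_output=True, text=True, check=True)
    return json.loads(proc.stdout)


def credential_ok(value, max_len=64):
    """Defence in depth only: a length and printable-character limit applied
    before the value reaches the checker. Quotes and ';' are deliberately
    allowed, since real passwords contain them; the argv form above is what
    makes them harmless, not this filter."""
    return 0 < len(value) <= max_len and value.isprintable()


if __name__ == "__main__":
    print("vulnerable command line:", vulnerable_command(SAMPLE_BODY))
    print("extra commands the shell would run:", injected_commands(SAMPLE_BODY))
    print("argv received by the hardened checker:", run_hardened(SAMPLE_BODY))
```

Running the script prints the interpolated command line, the `id` that a shell would execute as a second command, and the intact two-element argv the hardened path delivers. The point for a device like this one is the argv form: whatever checks the credential should receive it as a single argument (or the check should not shell out at all), with any character allowlist kept as a second layer rather than the fix.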
CVSS Score
9.8 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teracue | ENC-400 HDMI Firmware | <= 2.56 |
| Teracue | ENC-400 HDMI | - |
| Teracue | ENC-400 HDMI2 Firmware | <= 2.56 |
| Teracue | ENC-400 HDMI2 | - |
| Teracue | ENC-400 HDSDI Firmware | <= 2.56 |
| Teracue | ENC-400 HDSDI | - |
Related Weaknesses (CWE)
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
References
- http://seclists.org/fulldisclosure/2019/Feb/48 (Exploit, Mailing List, Third Party Advisory)
- https://zxsecurity.co.nz/research.html (Not Applicable)
FAQ
What is CVE-2018-20218?
CVE-2018-20218 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. The login form passes user input directly to a shell command without any escaping or validation in the file /usr/share/www/check.lp, so an attacker can perform command injection through the "password" parameter of the login form.
How severe is CVE-2018-20218?
CVE-2018-20218 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-20218?
Check the references section above for advisories and patch information; the listed references are a third-party disclosure and the researcher's page, not a vendor advisory. Affected products include: Teracue ENC-400 HDMI Firmware, Teracue ENC-400 HDMI, Teracue ENC-400 HDMI2 Firmware, Teracue ENC-400 HDMI2, Teracue ENC-400 HDSDI Firmware and Teracue ENC-400 HDSDI. Until a fixed firmware version is confirmed, restrict network access to the device's web interface, since the injection is reachable from the login page without credentials.