Published: 12/06/2018 Updated: 28/05/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 891

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote malicious users to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
westerndigital tv_live_hub_firmware 3.12.13
westerndigital tv_media_player_firmware 1.03.07

Uleska CLI for ease of integration with CI/CD and similar systems

uleska-automate Uleska CLI for ease of integration with CI/CD and similar systems ___ ___ ___ _______ ________ ___ __ ________ |\ \|\ \|\ \ |\ ___ \ |\ ____\|\ \|\ \ |\ __ \ \ \ \\\ \ \ \ \ \ __/|\ \ \___|\ \ \/ /|\ \ \|\ \ \ \ \\\ \ \ \ \ \ \_|/_\ \_____ \ \ ___ \ \ __ \ \ \ \\\ \ \ \____\ \ \_|\ \

Uleska CLI for ease of integration with CI/CD and similar systems

uleska-automate Uleska CLI for ease of integration with CI/CD and similar systems ___ ___ ___ _______ ________ ___ __ ________ |\ \|\ \|\ \ |\ ___ \ |\ ____\|\ \|\ \ |\ __ \ \ \ \\\ \ \ \ \ \ __/|\ \ \___|\ \ \/ /|\ \ \|\ \ \ \ \\\ \ \ \ \ \ \_|/_\ \_____ \ \ ___ \ \ __ \ \ \ \\\ \ \ \____\ \ \_|\ \

CWE-119 https://www.tenable.com/security/research/tra-2018-14 https://nvd.nist.gov https://github.com/uleska-demo/uleska-automate

CVE-2018-1151

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect