Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-18369

EPSS 88.49% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-18369

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the adv_remotelog.asp page and can be exploited through the syslogServerAddr parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Billion Electric 5200W-T 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Billion Electric 5200W-T是英国Billion Electric公司的一款无线路由器。 使用1.02b.rc5.dt49版本固件的Billion 5200W-T中的Remote System Log转发函数存在操作系统命令注入漏洞。该漏洞源于外部输入数据构造操作系统可执行命令过程中,网络系统或产品未正确过滤其中的特殊字符、命令等。攻击者可利用该漏洞执行非法操作系统命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2017-18369

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-18369

Please Login to view more intelligence information

Same Patch Batch · n/a · 2019-05-02 · 23 CVEs total

CVE-2017-18374ZyXEL P660HN-T1A 信任管理问题漏洞
CVE-2019-11675groonga-httpd 竞争条件问题漏洞
CVE-2019-11676ZOHO ManageEngine Firewall Analyzer 跨站脚本漏洞
CVE-2019-11677ZOHO ManageEngine Firewall Analyzer 代码问题漏洞
CVE-2019-11678ZOHO ManageEngine Firewall Analyzer SQL注入漏洞
CVE-2019-11682Taps Lab MailCarrier 缓冲区错误漏洞
CVE-2017-18368ZyXEL P660HN-T1A 操作系统命令注入漏洞
CVE-2017-18370ZyXEL P660HN-T1A 操作系统命令注入漏洞
CVE-2017-18371ZyXEL P660HN-T1A 信任管理问题漏洞
CVE-2017-18372Billion Electric 5200W-T 操作系统命令注入漏洞
CVE-2017-18373Billion Electric 5200W-T 信任管理问题漏洞
CVE-2019-11687NEMA DICOM 输入验证错误漏洞
CVE-2019-11683Linux kernel 缓冲区错误漏洞
CVE-2019-9017SolarWinds DameWare Mini Remote Control 缓冲区错误漏洞
CVE-2018-16716NCBI ToolBox 路径遍历漏洞
CVE-2018-16717NCBI ToolBox 缓冲区错误漏洞
CVE-2018-16718NCBI ToolBox 跨站脚本漏洞
CVE-2018-16960Open XDMoD 跨站脚本漏洞
CVE-2018-16961Open XDMoD 路径遍历漏洞
CVE-2018-16988Open XDMoD 授权问题漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2017-18369

No comments yet

Leave a comment