CVE-2018-16195
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-16195
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NEC Aterm WF1200CR和Aterm WG1200CR 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NEC Aterm WF1200CR和Aterm WG1200CR都是日本电气(NEC)公司的路由器产品。 使用1.1.1及之前版本固件的NEC Aterm WF1200CR和使用1.0.1及之前版本固件的Aterm WG1200CR中的‘UPnP’函数的SOAP接口存在操作系统命令注入漏洞。攻击者可借助UPnP的SOAP接口利用该漏洞执行任意操作系统命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| NEC Corporation | Aterm WF1200CR and Aterm WG1200CR | (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) | - |
II. Public POCs for CVE-2018-16195
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-16195
Please Login to view more intelligence information
- https://jpn.nec.com/security-info/secinfo/nv18-021.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-16195
Same Patch Batch · NEC Corporation · 2019-01-09 · 21 CVEs total
| CVE-2018-0635 | NEC Aterm HC100RC 操作系统命令注入漏洞 | |
| CVE-2018-16194 | NEC Aterm WF1200CR和Aterm WG1200CR 操作系统命令注入漏洞 | |
| CVE-2018-16193 | NEC Aterm WF1200CR和Aterm WG1200CR 跨站脚本漏洞 | |
| CVE-2018-16192 | NEC Aterm WF1200CR和Aterm WG1200CR 信息泄露漏洞 | |
| CVE-2018-0641 | NEC Aterm HC100RC 缓冲区错误漏洞 | |
| CVE-2018-0640 | NEC Aterm缓冲区错误漏洞 | |
| CVE-2018-0639 | NEC Aterm HC100RC 操作系统命令注入漏洞 | |
| CVE-2018-0638 | NEC Aterm HC100RC 操作系统命令注入漏洞 | |
| CVE-2018-0637 | NEC Aterm HC100RC 操作系统命令注入漏洞 | |
| CVE-2018-0636 | NEC Aterm HC100RC 操作系统命令注入漏洞 | |
| CVE-2018-0625 | NEC Aterm WG1200HP 操作系统命令注入漏洞 | |
| CVE-2018-0634 | NEC Aterm HC100RC 操作系统命令注入漏洞 | |
| CVE-2018-0633 | NEC Aterm W300P 缓冲区错误漏洞 | |
| CVE-2018-0632 | NEC Aterm W300P 缓冲区错误漏洞 | |
| CVE-2018-0631 | NEC Aterm W300P 操作系统命令注入漏洞 | |
| CVE-2018-0630 | NEC Aterm W300P 操作系统命令注入漏洞 | |
| CVE-2018-0629 | NEC Aterm W300P 操作系统命令注入漏洞 | |
| CVE-2018-0628 | NEC Aterm WG1200HP 操作系统命令注入漏洞 | |
| CVE-2018-0627 | NEC Aterm WG1200HP 操作系统命令注入漏洞 | |
| CVE-2018-0626 | NEC Aterm WG1200HP 操作系统命令注入漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2018-16195
No comments yet