CVE-2018-16494

EPSS 0.83% · P75 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-16494

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

不安全的临时文件

Source: NVD (National Vulnerability Database)

Vulnerability Title

Versa servers 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Versa servers 中存在授权问题漏洞，该漏洞源于在 VOS 和过于宽松的“umask”可能允许服务器的授权用户通过不安全的文件权限获得未经授权的访问，攻击者可通过该漏洞任意读、写或执行新创建的文件和目录。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Versa VOS	Fixed Versions: 16.1R2S11, 20.2.2, 21.1.1, 21.2.1	-

II. Public POCs for CVE-2018-16494

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-16494

请登录查看更多情报信息。

https://hackerone.com/reports/1168191x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2018-16494

Same Patch Batch · n/a · 2021-05-26 · 92 CVEs total

CVE-2021-29252	5.4 MEDIUM	RSA Archer 跨站脚本漏洞
CVE-2021-29253	5.1 MEDIUM	RSA Archer 安全漏洞
CVE-2021-22746		Triconex Model 3009 MP 代码问题漏洞
CVE-2021-22731		Schneider Electric 授权问题漏洞
CVE-2021-22732		Schneider Electric homeLYnk和spaceLYnk 安全漏洞
CVE-2021-22736		Schneider Electric homeLYnk和spaceLYnk 路径遍历漏洞
CVE-2021-22734		Schneider Electric spaceLYnk和homeLYnk 数据伪造问题漏洞
CVE-2021-22735		Schneider Electric homeLYnk和spaceLYnk 数据伪造问题漏洞
CVE-2021-22733		Schneider Electric homeLYnk和spaceLYnk 安全漏洞
CVE-2021-22743		Triconex Model 3009 MP 代码问题漏洞
CVE-2021-22744		Triconex Model 3009 MP 代码问题漏洞
CVE-2021-22745		Triconex Model 3009 MP 代码问题漏洞
CVE-2021-22741		Schneider Electric EcoStruxure Geo SCADA Expert 安全漏洞
CVE-2021-22747		Triconex Model 3009 MP 代码问题漏洞
CVE-2020-22021		FFmpeg 缓冲区错误漏洞
CVE-2021-25643		Couchbase Server 安全漏洞
CVE-2020-22024		FFmpeg 安全漏洞
CVE-2020-22026		FFmpeg 安全漏洞
CVE-2021-3548		dmg2img 缓冲区错误漏洞
CVE-2020-22028		FFmpeg 安全漏洞

Showing top 20 of 92 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Versa VOS

Same vendor: n/a

Same weakness: CWE-377

V. Comments for CVE-2018-16494

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-16494

I. Basic Information for CVE-2018-16494

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-16494

III. Intelligence Information for CVE-2018-16494

Same Patch Batch · n/a · 2021-05-26 · 92 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-16494

Leave a comment