CVE-2018-5457

EPSS 0.07% · P22 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-5457

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

对搜索路径元素未加控制

Source: NVD (National Vulnerability Database)

Vulnerability Title

Vyaire Medical CareFusion Upgrade Utility 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems是美国Vyaire Medical公司的一款基于Windows XP平台的用于升级呼吸机固件的实用程序。基于Windows XP平台的Vyaire Medical CareFusion Upgrade Utility 2.0.2.2及之前版本中存在安全漏洞。本地攻击者可通过安装特制的DLL利用该漏洞与该应用程序相同的访问权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Vyaire Medical CareFusion Upgrade Utility Vulnerability	Vyaire Medical CareFusion Upgrade Utility Vulnerability	-

II. Public POCs for CVE-2018-5457

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-5457

请登录查看更多情报信息。

https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01x_refsource_MISC
http://www.securityfocus.com/bid/102983vdb-entryx_refsource_BID
https://nvd.nist.gov/vuln/detail/CVE-2018-5457

Same Patch Batch · n/a · 2018-02-06 · 52 CVEs total

CVE-2015-3618		Nagios Business Process Intelligence 跨站脚本漏洞
CVE-2018-6569		West Wind Web Server 安全漏洞
CVE-2018-6654		Grammarly extension for Chrome 安全漏洞
CVE-2018-6466		WordPress flickrRSS插件跨站脚本漏洞
CVE-2018-6469		WordPress flickrRSS插件跨站脚本漏洞
CVE-2018-6468		WordPress flickrRSS插件跨站脚本漏洞
CVE-2018-6467		WordPress flickrRSS插件跨站请求伪造漏洞
CVE-2018-6656		Z-BlogPHP 跨站请求伪造漏洞
CVE-2015-4400		Ring video doorbells 安全漏洞
CVE-2015-3619		Joomla! VirtueMart组件跨站脚本漏洞
CVE-2016-7394		Tiki Wiki CMS Groupware 跨站脚本漏洞
CVE-2014-5282		Docker 安全漏洞
CVE-2014-5280		boot2docker 安全漏洞
CVE-2014-5279		boot2docker 安全漏洞
CVE-2018-6389		WordPress 安全漏洞
CVE-2017-17663		thttpd和mini_httpd 缓冲区错误漏洞
CVE-2018-6758		Unbit uWSGI 缓冲区错误漏洞
CVE-2016-3957		web2py 安全漏洞
CVE-2016-3954		web2py 安全漏洞
CVE-2016-3953		web2py sample Web应用程序

Showing top 20 of 52 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

Same weakness: CWE-427

V. Comments for CVE-2018-5457

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-5457

I. Basic Information for CVE-2018-5457

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-5457

III. Intelligence Information for CVE-2018-5457

Same Patch Batch · n/a · 2018-02-06 · 52 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-5457

Leave a comment