CVE-2018-9066

EPSS 0.67% · P72 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-9066

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user can, under specific circumstances, inject additional parameters into a specific web API call which can result in privileged command execution within LXCA's underlying operating system.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Lenovo XClarity Administrator 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Lenovo XClarity Administrator（LXCA）是中国联想（Lenovo）公司的一套集中式的资源管理解决方案。该方案支持简化基础结构管理、加快服务器响应和提高Lenovo服务器系统性能等。 Lenovo LXCA 2.1.0之前版本中的Web API存在安全漏洞。攻击者可通过向特定的Web API调用注入额外的参数利用该漏洞在LXCA的底层操作系统中执行权限命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Lenovo Group Ltd.	Lenovo xClarity Administrator	Earlier than 2.1.0	-

II. Public POCs for CVE-2018-9066

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-9066

请登录查看更多情报信息。

Vendor Advisories for CVE-2018-9066 (1)

https://support.lenovo.com/us/en/solutions/LEN-22168x_refsource_CONFIRM

https://nvd.nist.gov/vuln/detail/CVE-2018-9066

Same Patch Batch · Lenovo Group Ltd. · 2018-07-30 · 3 CVEs total

CVE-2018-9064		Lenovo XClarity Administrator 安全漏洞
CVE-2018-9065		Lenovo XClarity Administrator 安全漏洞

IV. Related Vulnerabilities

Same product: Lenovo xClarity Administrator

Same vendor: Lenovo Group Ltd.

V. Comments for CVE-2018-9066

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-9066

I. Basic Information for CVE-2018-9066

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-9066

III. Intelligence Information for CVE-2018-9066

Vendor Advisories for CVE-2018-9066 (1)

Same Patch Batch · Lenovo Group Ltd. · 2018-07-30 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-9066

Leave a comment