CVE-2018-13318

System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:buffalo:ts5600d1206_firmware:3.61-0.10:*:*:*:*:*:*:*
cpe:2.3:h:buffalo:ts5600d1206:-:*:*:*:*:*:*:*

Information

Published : 2018-11-26 15:29

Updated : 2019-10-02 17:03


NVD link : CVE-2018-13318

Mitre link : CVE-2018-13318


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

buffalo

  • ts5600d1206_firmware
  • ts5600d1206