Lucene search
MitreVULNRICHMENT:CVE-2018-16739HistoryOct 26, 2023 - 12:00 a.m.
CVE-2018-16739
2023-10-2600:00:00
mitre
github.com
3
abus tvip devices
path traversal
vulnerability
code execution
root privileges
An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:abus:tvip_10000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10001_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10005a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10005b_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10005_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10051_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10055a_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10055b_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_10550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11502_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_11552_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_20550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21502_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_21552_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_22500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31000_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31001_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31050_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_31551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_32500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_51500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_51550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71500_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71501_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71550_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_71551_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:abus:tvip_72500_firmware:-:*:*:*:*:*:*:*"
],
"vendor": "abus",
"product": "tvip_72500_firmware",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2018-16739
2023-10-26 00:00:00
nvd
nvd
CVE-2018-16739
2023-10-26 22:15:08
prion
prion
Path traversal
2023-10-26 22:15:00
cve
cve
CVE-2018-16739
2023-10-26 22:15:08
AI Score
7.3
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2018-16739