CVE-2018-1207

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A…

dell·CWE-94·Published 2018-03-23

CVSS

—

EPSS

0.91

KEV

Exploits

cve.orgen

236 chars

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.

NVDen

236 chars

NVDes

253 chars

Dell EMC iDRAC7/iDRAC8, en versiones anteriores a la 2.52.52.52, contiene una vulnerabilidad de inyección CGI que podría utilizarse para ejecutar código remoto. Un atacante remoto no autenticado podría utilizar variables CGI para ejecutar código remoto.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H