CVE-2018-25146
7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Summary
Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS | IPn4G 1.1.0 build 1098 | affected |
Weaknesses
- CWE-863: Incorrect Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
Additional References
References
- https://www.exploit-db.com/exploits/45035
- http://www.microhardcorp.com
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5481.php
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.