CVE-2018-10987

Published: Jul 5, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.6 / Impact: 5.9

Source: NVD

Description

An issue was discovered on Dongguan Diqee Diqee360 devices. The affected vacuum cleaner suffers from an authenticated remote code execution vulnerability. An authenticated attacker can send a specially crafted UDP packet, and execute commands on the vacuum cleaner as root. The bug is in the function REQUEST_SET_WIFIPASSWD (UDP command 153). A crafted UDP packet runs "/mnt/skyeye/mode_switch.sh %s" with an attacker controlling the %s variable. In some cases, authentication can be achieved with the default password of 888888 for the admin account.

Affected (1)

Products: Diqee: Diqee360 Firmware

1 product

Diqee360 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Diqee Diqee360 Firmware	All versions

Running on/with	Platform Versions
Diqee Diqee360	All versions

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (2)

https://gist.github.com/neolead/10b27c5c04bca84a5515783ca6f2ecb4#file-cve-2018-10987-txt

Source: cve@mitre.org

Third Party Advisory

https://gist.github.com/neolead/10b27c5c04bca84a5515783ca6f2ecb4#file-cve-2018-10987-txt

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.