CVE-2018-25146
7.1
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow more
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: disclosure@vulncheck.com (Secondary)
Description
Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.
Affected (15)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 build1098 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Ipn4g | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.2.0 build2160 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Ipn3gb | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 build1184-14 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 rev2_build1090-2 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 rev2_build1086 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Ipn4gb | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 reva_build1032 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 build_1204 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 rev3_build1184-14 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Vip4gb | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 rev2_build1196 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Vip4gb Wifi N | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1076 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Bullet 3g | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1078 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Bullet Lte | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1076 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Ipn3gii | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1078 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Ipn4gii | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.3.0 build1036 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Bulletplus | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 build1036 |
| Running on/with | Platform Versions |
|---|---|
Microhardcorp Dragon Lte | All versions |
References (4)
Source: disclosure@vulncheck.com
ExploitThird Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitThird Party Advisory
Timeline
No history available yet.