CVE-2018-0677

BN-SDWBP3 firmware version 1.0.9 and earlier allows attacker with administrator rights on the same network segment to execute arbitrary OS commands via unspecified vectors.

Published : 2019-01-09 23:29 Updated : 2019-02-11 13:44

7.7
CVSS Score More info
Score 7.7 / 10
7.7
Vendor Product Version URI
Panasonic Bn-sdwbp3 Firmware 1.0.9 cpe:/o:panasonic:bn-sdwbp3_firmware:1.0.9
  1. Panasonic (1) Search CVE
    1. Bn-sdwbp3 Firmware (1) Search CVE
      1. 1.0.9

CWE

ID Name Description Links
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. CVE

History of changes

Date Event
2019-02-11 13:44
2019-01-09 23:29

New CVE