PT-2018-14431 · Escan · Escan Agent Application

Published

2018-12-20

Updated

2020-08-24

CVE-2018-18388

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions eScan Agent Application version 4.0.2.98

Description The issue allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to the TCP port 2222.

Recommendations For version 4.0.2.98, consider restricting access to TCP port 2222 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-18388

Affected Products

Escan Agent Application

PT-2018-14431 · Escan · Escan Agent Application

CVE-2018-18388

Related Identifiers

Affected Products

References · 3