CVE-2018-25146

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microhard Systems IPn4G version 1.1.0

Description An issue exists in Microhard Systems IPn4G that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring a device restart.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2018-25146

Affected Products

Bullet-3G Firmware

Bullet-Lte Firmware

Bulletplus Firmware

Dragon-Lte Firmware

Ipn3Gb Firmware

Ipn3Gii Firmware

Ipn4G Firmware

Ipn4Gb Firmware

Ipn4Gii Firmware

Vip4Gb Firmware

Vip4Gb Wifi-N Firmware

CVE-2018-25146

Weakness Enumeration

Related Identifiers

Affected Products

References · 6