← back
CVE-2018-1185

CVE-2018-1185

EPSS 6.3%
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges.
Affected products
n/a · EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, EMC RecoverPoint versions prior to 5.0.1.3
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44614/unverifiedexploitdbwww.exploit-db.com/exploits/44614unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/Feb/9https://www.exploit-db.com/exploits/44614/http://www.securitytracker.com/id/1040320