Search criteria
3 vulnerabilities found for TV Media Player by Western Digital
VAR-201806-0898
Vulnerability from variot - Updated: 2025-01-30 20:01The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0898",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tv media player",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": "1.03.07"
},
{
"model": "tv live hub",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": "3.12.13"
},
{
"model": "tv live hub",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "3.12.13"
},
{
"model": "tv media player",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.03.07"
},
{
"model": "tv live hub",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "3.12.13"
},
{
"model": "tv media player",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.03.07"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:wdc:tv_live_hub_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:wdc:tv_media_player_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
}
]
},
"cve": "CVE-2018-1151",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1151",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-121376",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1151",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1151",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-1151",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-725",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-121376",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-1151",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1151",
"trust": 2.7
},
{
"db": "TENABLE",
"id": "TRA-2018-14",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725",
"trust": 0.7
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97554",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-121376",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-1151",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"id": "VAR-201806-0898",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121376"
}
],
"trust": 0.02
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "TV",
"trust": 0.1
},
{
"category": [
"home \u0026 office device",
"network device"
],
"sub_category": "hub",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:01:05.286000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.wdc.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.tenable.com/security/research/tra-2018-14"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1151"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1151"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121376"
},
{
"date": "2018-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"date": "2018-06-12T17:29:00.397000",
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-121376"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"date": "2019-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-725"
},
{
"date": "2024-11-21T03:59:17.530000",
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital TV Media Player and TV Live Hub Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
],
"trust": 0.6
}
}
CVE-2018-1151 (GCVE-0-2018-1151)
Vulnerability from nvd – Published: 2018-06-12 17:00 – Updated: 2024-09-17 00:06
VLAI
Summary
The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.
Severity
No CVSS data available.
CWE
- Arbitrary Code Execution
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2018-14 | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | TV Media Player |
Affected:
1.03.07
|
|
| Western Digital | TV Live Hub |
Affected:
3.12.13
|
Date Public
2018-06-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TV Media Player",
"vendor": "Western Digital",
"versions": [
{
"status": "affected",
"version": "1.03.07"
}
]
},
{
"product": "TV Live Hub",
"vendor": "Western Digital",
"versions": [
{
"status": "affected",
"version": "3.12.13"
}
]
}
],
"datePublic": "2018-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-12T16:57:01.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-14"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"DATE_PUBLIC": "2018-06-12T00:00:00",
"ID": "CVE-2018-1151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TV Media Player",
"version": {
"version_data": [
{
"version_value": "1.03.07"
}
]
}
},
{
"product_name": "TV Live Hub",
"version": {
"version_data": [
{
"version_value": "3.12.13"
}
]
}
}
]
},
"vendor_name": "Western Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2018-14",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-14"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2018-1151",
"datePublished": "2018-06-12T17:00:00.000Z",
"dateReserved": "2017-12-05T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:06:37.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1151 (GCVE-0-2018-1151)
Vulnerability from cvelistv5 – Published: 2018-06-12 17:00 – Updated: 2024-09-17 00:06
VLAI
Summary
The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi.
Severity
No CVSS data available.
CWE
- Arbitrary Code Execution
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2018-14 | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | TV Media Player |
Affected:
1.03.07
|
|
| Western Digital | TV Live Hub |
Affected:
3.12.13
|
Date Public
2018-06-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TV Media Player",
"vendor": "Western Digital",
"versions": [
{
"status": "affected",
"version": "1.03.07"
}
]
},
{
"product": "TV Live Hub",
"vendor": "Western Digital",
"versions": [
{
"status": "affected",
"version": "3.12.13"
}
]
}
],
"datePublic": "2018-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-12T16:57:01.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-14"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"DATE_PUBLIC": "2018-06-12T00:00:00",
"ID": "CVE-2018-1151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TV Media Player",
"version": {
"version_data": [
{
"version_value": "1.03.07"
}
]
}
},
{
"product_name": "TV Live Hub",
"version": {
"version_data": [
{
"version_value": "3.12.13"
}
]
}
}
]
},
"vendor_name": "Western Digital"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2018-14",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-14"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2018-1151",
"datePublished": "2018-06-12T17:00:00.000Z",
"dateReserved": "2017-12-05T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:06:37.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}