Vulnerability Details : CVE-2018-12465
Public exploit exists!
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used GWAVA product name (i.e. GWAVA 6.5).
Vulnerability category: Execute code
Products affected by CVE-2018-12465
- cpe:2.3:a:microfocus:secure_messaging_gateway:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-12465
4.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2018-12465
-
MicroFocus Secure Messaging Gateway Remote Code Execution
Disclosure Date: 2018-06-19First seen: 2020-04-26exploit/linux/http/microfocus_secure_messaging_gatewayThis module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the appl
CVSS scores for CVE-2018-12465
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST | |
9.1
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
2.3
|
6.0
|
SUSE | |
7.2
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
NIST |
CWE ids for CVE-2018-12465
-
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.Assigned by: meissner@suse.de (Secondary)
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-12465
-
https://www.exploit-db.com/exploits/45083/
Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution (Metasploit)Exploit;Third Party Advisory;VDB Entry
-
https://support.microfocus.com/kb/doc.php?id=7023133
Critical Remote Code Execution Vulnerability in SMG (CVE-2018-12465)Vendor Advisory
-
https://pentest.blog/unexpected-journey-6-all-ways-lead-to-rome-remote-code-execution-on-microfocus-secure-messaging-gateway/
Unexpected Journey #6 – All ways lead to Rome ! Remote Code Execution on MicroFocus Secure Messaging Gateway – Pentest BlogExploit;Third Party Advisory
Jump to