CVE-2018-10587

HIGH

NetGain EM <10.0.57 - Command Injection

Title source: llm
STIX 2.1

Description

NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution.

References (1)

Core 1
Core References

Scores

CVSS v3 7.2
EPSS 0.0328
EPSS Percentile 86.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
netgain-systems/enterprise_manager < 10.0.57
Published Nov 01, 2018
Tracked Since Feb 18, 2026