CVE-2018-1160

CRITICAL

Netatalk <3.1.12 - RCE

Title source: llm

Description

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.

Exploits (4)

exploitdb WORKING POC VERIFIED

by muts · pythonremotemultiple

https://www.exploit-db.com/exploits/46675

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Jacob Baines · pythonremotemultiple

https://www.exploit-db.com/exploits/46034

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Tenable NS · pythondosmultiple

https://www.exploit-db.com/exploits/46048

View Code ZIP pw:eip

nomisec NO CODE

by SachinThanushka · poc

https://github.com/SachinThanushka/CVE-2018-1160

View Code ZIP pw:eip

References (11)

[Release Notes] http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/106301

[Third Party Advisory] https://attachments.samba.org/attachment.cgi?id=14735

[Release Notes, Third Party Advisory] https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/

[Third Party Advisory] https://www.debian.org/security/2018/dsa-4356

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/46034/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/46048/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/46675/

[Third Party Advisory] https://www.synology.com/security/advisory/Synology_SA_18_62

[Exploit, Release Notes, Third Party Advisory] https://www.tenable.com/security/research/tra-2018-48

Scores

CVSS v3 9.8

EPSS 0.8973

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (6)

debian/debian_linux 9.0

netatalk/netatalk < 3.1.12

synology/diskstation_manager 5.2 - 5.2-5967-9

synology/router_manager 1.2 - 1.2-7742-5

synology/skynas

synology/vs960hd_firmware

Published Dec 20, 2018

Tracked Since Feb 18, 2026