CVE-2018-1217

CRITICAL EXPLOITED NUCLEI

Dell EMC Avamar Server 7.3.1-7.5.0 & IDPA 2.0-2.1 - Unauthenticated Credential Read/Modify via Local Download Service

Title source: llm

Exploitation Summary

CVE-2018-1217 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including SlidingWindow. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated access control vulnerability in Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager, allowing an attacker to add or retrieve support account credentials in plain text via crafted HTTP POST requests.

Description

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials.

Exploits (1)

exploitdb WORKING POC

by SlidingWindow · textwebappslinux

https://www.exploit-db.com/exploits/44441

View Code ZIP pw:eip

This exploit demonstrates an unauthenticated access control vulnerability in Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager, allowing an attacker to add or retrieve support account credentials in plain text via crafted HTTP POST requests.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Dell EMC Avamar Server 7.3.1, 7.4.1, 7.5.0, Dell EMC Integrated Data Protection Appliance 2.0, 2.1

No auth needed

Prerequisites: Network access to the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control

CRITICALVERIFIEDby daffainfo

Shodan: title:"AVAMAR"

References (3)

Core 3

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44441/

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1040641

Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2018/Apr/14

Scores

CVSS v3 9.8

EPSS 0.4664

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-02-11

CWE

CWE-862

Status published

Products (5)

dell/emc_avamar 7.3.1

dell/emc_avamar 7.4.1

dell/emc_avamar 7.5.0

dell/emc_integrated_data_protection_appliance 2.0

dell/emc_integrated_data_protection_appliance 2.1

Published Apr 09, 2018

Tracked Since Feb 18, 2026