CVE-2018-1218

HIGH

Dell EMC NetWorker < 9.1.1.6 - Unauthenticated Denial of Service via nsrd Daemon Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-1218. PoCs published by Marek Cybul.

AI-analyzed exploit summary This exploit is a proof-of-concept for a denial-of-service (DoS) vulnerability in Dell EMC NetWorker. It sends a malformed payload to the nsrd service, causing it to crash or become unresponsive.

Description

In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1.1.6, 9.0.x, and versions prior to 8.2.4.11, the 'nsrd' daemon causes a buffer overflow condition when handling certain messages. A remote unauthenticated attacker could potentially exploit this vulnerability to cause a denial of service to the users of NetWorker systems.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Marek Cybul · pythondoslinux
https://www.exploit-db.com/exploits/44332

This exploit is a proof-of-concept for a denial-of-service (DoS) vulnerability in Dell EMC NetWorker. It sends a malformed payload to the nsrd service, causing it to crash or become unresponsive.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Dell EMC NetWorker versions prior to 9.2.1.1, 9.1.1.6, 9.0.x, and 8.2.4.11
No auth needed
Prerequisites: Network access to the target's nsrd service
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040546
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2018/Mar/43
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44332/

Scores

CVSS v3 7.5
EPSS 0.1395
EPSS Percentile 96.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-119
Status published
Products (1)
dell/emc_networker < 9.1.1.6
Published Mar 19, 2018
Tracked Since Feb 18, 2026