CVE-2018-16593
HIGHSony Bravia TV < 8.587 - OS Command Injection via Photo Sharing Plus
Title source: llmDescription
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.sony.co.uk/electronics/support/articles/00201041
Third Party Advisory x_refsource_misc
https://fortiguard.com/zeroday/FG-VD-18-036
Scores
CVSS v3
8.8
EPSS
0.0091
EPSS Percentile
55.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (8)
sony/r5c_firmware
< 8.590
sony/wd65_firmware
< 8.216
sony/wd75_firmware
< 8.216
sony/we6_firmware
< 8.464
sony/we75_firmware
< 8.464
sony/wf6_firmware
< 8.464
sony/xe70_firmware
< 8.764
sony/xf70_firmware
< 8.764
Published
Jun 19, 2019
Tracked Since
Feb 18, 2026