CVE-2018-4924

CRITICAL

Adobe Dreamweaver < 18.0 - OS Command Injection

Title source: llm
STIX 2.1

Description

Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/103395
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040516

Scores

CVSS v3 9.8
EPSS 0.1446
EPSS Percentile 96.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
adobe/dreamweaver < 18.0
Published May 19, 2018
Tracked Since Feb 18, 2026