CVE-2018-8306
MEDIUMMicrosoft Wireless Display Adapter V2 - Command Injection
Title source: llmDescription
A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka "Microsoft Wireless Display Adapter Command Injection Vulnerability." This affects Microsoft Wireless Display Adapter V2 Software.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041269
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104621
Scores
CVSS v3
5.5
EPSS
0.0288
EPSS Percentile
85.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-77
Status
published
Products (3)
microsoft/wireless_display_adapter_firmware
2.0.8350
microsoft/wireless_display_adapter_firmware
2.0.8365
microsoft/wireless_display_adapter_firmware
2.0.8372
Published
Jul 11, 2018
Tracked Since
Feb 18, 2026