Exploit for #VU12132 Command injection in iDRAC7 and iDRAC8

Exploit for #VU12132 Command injection in iDRAC7 and iDRAC8

Published: 2022-11-14

Vulnerability identifier: #VU12132

Vulnerability risk: High

CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-1207

CWE-ID: CWE-77

Exploitation vector: Network

Exploits in database: 1

November 14, 2022
- cve-2018-1207 (Exploit iDRAC 7 & 8 firmware < 2.52.52.52) [Github]

Impact: Code execution

Vulnerable software:
iDRAC7
Web applications / Remote management & hosting panels
iDRAC8
Web applications / Remote management & hosting panels

Vendor: Dell