Vulnerability identifier: #VU12162

Vulnerability risk: Low

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-6574

CWE-ID: CWE-77

Exploitation vector: Network

Exploits in database: 4

• May 27, 2022
  • exploit_CVE-2018-6574 (Exploit for Pentester Labs) [Github]
• October 15, 2021
  • CVE-2018-6574 (Exploit for remote command execution in Golang go get command.) [Github]
• March 18, 2020
  • go-get-exploit (CVE-2018-6574) [Github]
  • CVE-in-Ruby (Exploits written & ported to Ruby - no Metasploit) [Github]

Impact: Code execution

Vulnerable software:
Go programming language
Universal components / Libraries / Scripting languages

Vendor: Google