UBUNTU-CVE-2018-10092

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2018-10092

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-10092.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-10092

Upstream

CVE-2018-10092

Published

2018-05-22T20:29:00Z

Modified

2025-10-24T04:46:59Z

Severity

8.0 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.

References

Affected packages

Ubuntu:16.04:LTS / dolibarr

Package

Name: dolibarr
Purl: pkg:deb/ubuntu/dolibarr@3.5.8+dfsg1-1ubuntu1?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.5.5+dfsg1-2

3.5.7+dfsg1-1

3.5.8+dfsg1-1

3.5.8+dfsg1-1ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "dolibarr",
            "binary_version": "3.5.8+dfsg1-1ubuntu1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-10092.json"