[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-1111":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":75,"aliases":118,"duplicate_of":9,"upstream":119,"downstream":120,"duplicates":143,"related":144,"reserved_at":9,"published_at":145,"modified_at":146,"state":147,"summary":148,"references_raw":156,"kevs":253,"epss":254,"epss_history":257,"metrics":457,"affected":470},"CVE-2018-1111","DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.",null,[11,40],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-78","Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-15","Command Delimiters",[],{"id":29,"name":30,"techniques":31},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":33,"name":34,"techniques":35},"CAPEC-6","Argument Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-88","OS Command Injection",[],{"_key":41,"id":41,"name":42,"description":43,"type":15,"status":44,"abstraction":45,"likelihood_of_exploit":18,"capec":46},"CWE-77","Improper Neutralization of Special Elements used in a Command ('Command Injection')","The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.","Draft","Class",[47,51,53,57,61,65,67,71],{"id":48,"name":49,"techniques":50},"CAPEC-136","LDAP Injection",[],{"id":25,"name":26,"techniques":52},[],{"id":54,"name":55,"techniques":56},"CAPEC-183","IMAP/SMTP Command Injection",[],{"id":58,"name":59,"techniques":60},"CAPEC-248","Command Injection",[],{"id":62,"name":63,"techniques":64},"CAPEC-40","Manipulating Writeable Terminal Devices",[],{"id":29,"name":30,"techniques":66},[],{"id":68,"name":69,"techniques":70},"CAPEC-75","Manipulating Writeable Configuration Files",[],{"id":72,"name":73,"techniques":74},"CAPEC-76","Manipulating Web Input to File System Calls",[],[76,90,99],{"_key":77,"name":78,"source":79,"url":80,"maturity":81,"reliability_score":82,"verified":83,"type":84,"platforms":85,"requires_auth":9,"exploitdb":87,"metasploit":9},"44652","DynoRoot DHCP Client - Command Injection","exploit-database","https://www.exploit-db.com/exploits/44652","weaponized",0.8,true,"local",[86],"linux",{"verified":83,"type":84,"platform":86,"file":88,"codes":89},"exploits/linux/local/44652.py",[7],{"_key":91,"name":92,"source":79,"url":93,"maturity":81,"reliability_score":82,"verified":83,"type":94,"platforms":95,"requires_auth":9,"exploitdb":96,"metasploit":9},"44890","DHCP Client - Command Injection 'DynoRoot' (Metasploit)","https://www.exploit-db.com/exploits/44890","remote",[86],{"verified":83,"type":94,"platform":86,"file":97,"codes":98},"exploits/linux/remote/44890.rb",[7],{"_key":100,"name":101,"source":102,"url":103,"maturity":81,"reliability_score":104,"verified":83,"type":94,"platforms":105,"requires_auth":106,"exploitdb":9,"metasploit":107},"MSF_EXPLOIT_UNIX_DHCP_RHEL_DHCP_CLIENT_COMMAND_INJECTION","DHCP Client Command Injection (DynoRoot)","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/unix/dhcp/rhel_dhcp_client_command_injection.rb",1,[],false,{"fullname":108,"rank":109,"rank_name":110,"post_auth":106,"check":106,"notes":111},"exploit/unix/dhcp/rhel_dhcp_client_command_injection",600,"excellent",{"Stability":112,"SideEffects":114,"Reliability":116},[113],"crash-safe",[115],"ioc-in-logs",[117],"repeatable-session",[],[],[121,123,125,127,129,131,133,135,137,139,141],{"_key":122},"RHSA-2018:1453",{"_key":124},"RHSA-2018:1454",{"_key":126},"RHSA-2018:1455",{"_key":128},"RHSA-2018:1456",{"_key":130},"RHSA-2018:1457",{"_key":132},"RHSA-2018:1458",{"_key":134},"RHSA-2018:1459",{"_key":136},"RHSA-2018:1460",{"_key":138},"RHSA-2018:1461",{"_key":140},"RHSA-2018:1524",{"_key":142},"RHSA-2018:1525",[],[],"2018-05-17T16:00:00.000Z","2024-08-05T03:51:48.789Z","Modified",{"cisa_kev":106,"cisa_ransomware":106,"cisa_vendor":9,"epss_severity":149,"epss_score":150,"severity":151,"severity_score":152,"severity_version":153,"severity_source":154,"severity_vector":155,"severity_status":147},"critical",0.88233,"high",7.9,"v2.0","nvd","AV:A/AC:M/Au:N/C:C/I:C/A:C",[157,165,169,174,178,185,189,194,198,203,207,211,215,219,223,227,231,235,241,245,249],{"url":158,"sources":159,"tags":161},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1111",[160,154],"cve.org",[162,163,164],"X Refsource CONFIRM","Issue Tracking","Vendor Advisory",{"url":166,"sources":167,"tags":168},"https://www.tenable.com/security/tns-2018-10",[160,154],[162],{"url":170,"sources":171,"tags":172},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDJA4QRR74TMXW34Q3DYYFPVBYRTJBI7/",[160,154],[164,173],"X Refsource FEDORA",{"url":175,"sources":176,"tags":177},"https://access.redhat.com/security/vulnerabilities/3442151",[160,154],[162,164],{"url":179,"sources":180,"tags":181},"http://www.securityfocus.com/bid/104195",[160,154],[182,183,184],"VDB Entry","X Refsource BID","Third Party Advisory",{"url":186,"sources":187,"tags":188},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMTTB54QNTPD2SK6UL32EVQHMZP6BUUD/",[160,154],[164,173],{"url":190,"sources":191,"tags":192},"http://www.securitytracker.com/id/1040912",[160,154],[182,193,184],"X Refsource SECTRACK",{"url":195,"sources":196,"tags":197},"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",[160,154],[162],{"url":199,"sources":200,"tags":201},"https://access.redhat.com/errata/RHSA-2018:1454",[160,154],[164,202],"X Refsource REDHAT",{"url":204,"sources":205,"tags":206},"https://access.redhat.com/errata/RHSA-2018:1455",[160,154],[164,202],{"url":208,"sources":209,"tags":210},"https://access.redhat.com/errata/RHSA-2018:1457",[160,154],[164,202],{"url":212,"sources":213,"tags":214},"https://access.redhat.com/errata/RHSA-2018:1459",[160,154],[164,202],{"url":216,"sources":217,"tags":218},"https://access.redhat.com/errata/RHSA-2018:1453",[160,154],[164,202],{"url":220,"sources":221,"tags":222},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CDCLLCHYFFXW354HMB5QBXOQOY5BH2EJ/",[160,154],[164,173],{"url":224,"sources":225,"tags":226},"https://access.redhat.com/errata/RHSA-2018:1524",[160,154],[164,202],{"url":228,"sources":229,"tags":230},"https://access.redhat.com/errata/RHSA-2018:1456",[160,154],[164,202],{"url":232,"sources":233,"tags":234},"https://access.redhat.com/errata/RHSA-2018:1461",[160,154],[164,202],{"url":236,"sources":237,"tags":238},"https://www.exploit-db.com/exploits/44652/",[160,154],[239,240,184,182],"Exploit","X Refsource EXPLOIT DB",{"url":242,"sources":243,"tags":244},"https://www.exploit-db.com/exploits/44890/",[160,154],[239,240,184,182],{"url":246,"sources":247,"tags":248},"https://access.redhat.com/errata/RHSA-2018:1458",[160,154],[164,202],{"url":250,"sources":251,"tags":252},"https://access.redhat.com/errata/RHSA-2018:1460",[160,154],[164,202],[],{"date":255,"score":150,"percentile":256},"2026-06-04",0.99508,[258,262,265,267,269,272,274,276,278,280,282,284,286,288,290,294,296,299,301,303,305,307,309,311,313,315,317,319,323,325,327,331,333,335,337,339,341,344,346,349,351,353,355,357,360,362,364,366,369,371,373,375,377,379,381,383,385,387,389,392,394,396,398,400,402,404,406,408,410,412,414,416,418,420,422,424,426,428,430,432,434,437,439,441,444,446,448,450,452,455],{"date":259,"score":260,"percentile":261},"2025-11-04",0.89375,0.99516,{"date":263,"score":260,"percentile":264},"2025-11-05",0.99515,{"date":266,"score":260,"percentile":264},"2025-11-06",{"date":268,"score":260,"percentile":264},"2025-11-07",{"date":270,"score":260,"percentile":271},"2025-11-08",0.99514,{"date":273,"score":260,"percentile":271},"2025-11-09",{"date":275,"score":260,"percentile":271},"2025-11-10",{"date":277,"score":260,"percentile":264},"2025-11-11",{"date":279,"score":260,"percentile":264},"2025-11-12",{"date":281,"score":260,"percentile":261},"2025-11-13",{"date":283,"score":260,"percentile":264},"2025-11-14",{"date":285,"score":260,"percentile":261},"2025-11-15",{"date":287,"score":260,"percentile":261},"2025-11-16",{"date":289,"score":260,"percentile":261},"2025-11-17",{"date":291,"score":292,"percentile":293},"2025-11-18",0.89158,0.99625,{"date":295,"score":292,"percentile":293},"2025-11-19",{"date":297,"score":292,"percentile":298},"2025-11-20",0.99626,{"date":300,"score":260,"percentile":271},"2025-11-21",{"date":302,"score":260,"percentile":271},"2025-11-22",{"date":304,"score":260,"percentile":271},"2025-11-23",{"date":306,"score":260,"percentile":271},"2025-11-24",{"date":308,"score":260,"percentile":271},"2025-11-25",{"date":310,"score":260,"percentile":271},"2025-11-26",{"date":312,"score":260,"percentile":271},"2025-11-27",{"date":314,"score":260,"percentile":271},"2025-11-28",{"date":316,"score":260,"percentile":271},"2025-11-29",{"date":318,"score":260,"percentile":271},"2025-11-30",{"date":320,"score":321,"percentile":322},"2025-12-01",0.88839,0.99497,{"date":324,"score":321,"percentile":322},"2025-12-02",{"date":326,"score":321,"percentile":322},"2025-12-03",{"date":328,"score":329,"percentile":330},"2025-12-04",0.89183,0.99506,{"date":332,"score":329,"percentile":330},"2025-12-05",{"date":334,"score":329,"percentile":330},"2025-12-06",{"date":336,"score":329,"percentile":330},"2025-12-07",{"date":338,"score":329,"percentile":256},"2025-12-08",{"date":340,"score":329,"percentile":256},"2025-12-09",{"date":342,"score":329,"percentile":343},"2025-12-10",0.9951,{"date":345,"score":329,"percentile":343},"2025-12-11",{"date":347,"score":329,"percentile":348},"2025-12-12",0.99511,{"date":350,"score":329,"percentile":348},"2025-12-13",{"date":352,"score":329,"percentile":343},"2025-12-14",{"date":354,"score":329,"percentile":343},"2025-12-15",{"date":356,"score":329,"percentile":348},"2025-12-16",{"date":358,"score":329,"percentile":359},"2025-12-17",0.99512,{"date":361,"score":329,"percentile":348},"2025-12-18",{"date":363,"score":329,"percentile":359},"2025-12-19",{"date":365,"score":329,"percentile":359},"2025-12-20",{"date":367,"score":329,"percentile":368},"2025-12-21",0.99513,{"date":370,"score":329,"percentile":368},"2025-12-22",{"date":372,"score":329,"percentile":368},"2025-12-23",{"date":374,"score":329,"percentile":368},"2025-12-24",{"date":376,"score":329,"percentile":368},"2025-12-25",{"date":378,"score":329,"percentile":368},"2025-12-26",{"date":380,"score":329,"percentile":264},"2025-12-27",{"date":382,"score":329,"percentile":359},"2025-12-28",{"date":384,"score":329,"percentile":368},"2025-12-29",{"date":386,"score":329,"percentile":359},"2025-12-30",{"date":388,"score":329,"percentile":368},"2025-12-31",{"date":390,"score":321,"percentile":391},"2026-01-01",0.99504,{"date":393,"score":321,"percentile":391},"2026-01-02",{"date":395,"score":321,"percentile":391},"2026-01-03",{"date":397,"score":329,"percentile":271},"2026-01-04",{"date":399,"score":329,"percentile":368},"2026-01-05",{"date":401,"score":329,"percentile":368},"2026-01-06",{"date":403,"score":329,"percentile":368},"2026-01-07",{"date":405,"score":329,"percentile":368},"2026-01-08",{"date":407,"score":329,"percentile":359},"2026-01-09",{"date":409,"score":329,"percentile":368},"2026-01-10",{"date":411,"score":329,"percentile":368},"2026-01-11",{"date":413,"score":329,"percentile":368},"2026-01-12",{"date":415,"score":329,"percentile":368},"2026-01-13",{"date":417,"score":329,"percentile":368},"2026-01-14",{"date":419,"score":329,"percentile":271},"2026-01-15",{"date":421,"score":329,"percentile":271},"2026-01-16",{"date":423,"score":329,"percentile":261},"2026-01-17",{"date":425,"score":329,"percentile":261},"2026-01-18",{"date":427,"score":329,"percentile":261},"2026-01-19",{"date":429,"score":329,"percentile":261},"2026-01-20",{"date":431,"score":329,"percentile":261},"2026-01-21",{"date":433,"score":329,"percentile":261},"2026-01-22",{"date":435,"score":329,"percentile":436},"2026-01-23",0.99517,{"date":438,"score":329,"percentile":436},"2026-01-24",{"date":440,"score":329,"percentile":436},"2026-01-25",{"date":442,"score":329,"percentile":443},"2026-01-26",0.99518,{"date":445,"score":329,"percentile":443},"2026-01-27",{"date":447,"score":329,"percentile":443},"2026-01-28",{"date":449,"score":329,"percentile":443},"2026-01-29",{"date":451,"score":329,"percentile":436},"2026-01-30",{"date":453,"score":329,"percentile":454},"2026-01-31",0.99519,{"date":456,"score":321,"percentile":359},"2026-02-01",[458,465],{"source":160,"cvss_v2_0":9,"cvss_v3_0":459,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":460,"baseSeverity":461,"vectorString":462,"impactScore":463,"exploitabilityScore":464},7.5,"HIGH","CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",9.8,4.1,{"source":154,"cvss_v2_0":466,"cvss_v3_0":469,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":152,"baseSeverity":9,"vectorString":155,"impactScore":467,"exploitabilityScore":468},10,5.5,{"baseScore":460,"baseSeverity":461,"vectorString":462,"impactScore":463,"exploitabilityScore":464},[471,479,490,497,522,528,534,540,548],{"ecosystem":9,"name":472,"vendor":473,"product":472,"cpe_part":474,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":475},"dhcp","fedora","a",[476],{"version":477,"is_range":106,"range_type":160,"version_start":477,"version_start_type":478,"version_end":477,"version_end_type":478,"fixed_in":9},"Fedora 28","including",{"ecosystem":9,"name":473,"vendor":480,"product":473,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":482},"fedoraproject","o",[483,486,488],{"version":484,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"26","cpe",{"version":487,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"27",{"version":489,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"28",{"ecosystem":9,"name":472,"vendor":491,"product":472,"cpe_part":474,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":492},"red hat",[493,495],{"version":494,"is_range":106,"range_type":160,"version_start":494,"version_start_type":478,"version_end":494,"version_end_type":478,"fixed_in":9},"Red Hat Enterprise Linux 6",{"version":496,"is_range":106,"range_type":160,"version_start":496,"version_start_type":478,"version_end":496,"version_end_type":478,"fixed_in":9},"Red Hat Enterprise Linux 7",{"ecosystem":9,"name":498,"vendor":499,"product":500,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"enterprise linux","redhat","enterprise_linux",[502,504,506,508,510,512,514,516,518,520],{"version":503,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":505,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.4",{"version":507,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.5",{"version":509,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.6",{"version":511,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.7",{"version":513,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"version":515,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.2",{"version":517,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.3",{"version":519,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.4",{"version":521,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.5",{"ecosystem":9,"name":523,"vendor":499,"product":524,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":525},"enterprise linux desktop","enterprise_linux_desktop",[526,527],{"version":503,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":513,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":529,"vendor":499,"product":530,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":531},"enterprise linux server","enterprise_linux_server",[532,533],{"version":503,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":513,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":535,"vendor":499,"product":536,"cpe_part":481,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":537},"enterprise linux workstation","enterprise_linux_workstation",[538,539],{"version":503,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":513,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":541,"vendor":499,"product":542,"cpe_part":474,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"enterprise virtualization","enterprise_virtualization",[544,546],{"version":545,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0",{"version":547,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.2",{"ecosystem":9,"name":549,"vendor":499,"product":550,"cpe_part":474,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":551},"enterprise virtualization host","enterprise_virtualization_host",[552],{"version":545,"is_range":106,"range_type":485,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]