CVE-2018-1000049

Published: Feb 9, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://twitter.com/ReverseBrain/status/951850534985662464

x_refsource_MISC

45044

exploit

x_refsource_EXPLOIT-DB

44638

exploit

x_refsource_EXPLOIT-DB

https://reversebrain.github.io/2018/02/01/Claymore-Dual-Miner-Remote-Code-Execution/

x_refsource_MISC

http://www.rapid7.com/db/modules/exploit/multi/misc/claymore_dual_miner_remote_manager_rce

x_refsource_MISC

http://packetstormsecurity.com/files/147678/Nanopool-Claymore-Dual-Miner-7.3-Remote-Code-Execution.html

x_refsource_MISC

http://packetstormsecurity.com/files/148578/Nanopool-Claymore-Dual-Miner-APIs-Remote-Code-Execution.html

x_refsource_MISC

https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2018/1000xxx/CVE-2018-1000049.json

x_refsource_MISC

https://reversebrain.github.io/2018/02/01/Claymore-Dual-Miner-Remote-Code-Execution

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-1000049

Description

Affected Products

References