{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:42:44.835","vulnerabilities":[{"cve":{"id":"CVE-2018-9077","sourceIdentifier":"psirt@lenovo.com","published":"2018-09-28T20:29:00.970","lastModified":"2024-11-21T04:14:55.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick \"``\" characters in the share : name parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter."},{"lang":"es","value":"Para algunos dispositivos NAS Iomega, Lenovo y LenovoEMC en versiones 4.1.402.34662 y anteriores, al cambiar el nombre de una compartición, un atacante puede manipular una carga útil de inyección de comandos unirse a una instalación PersonalCloud, un atacante puede manipular una carga útil de inyección de comandos utilizando caracteres de comilla hacia atrás \"``\" en el parámetro share : name. Como resultado, podrían ejecutarse comandos arbitrarios como el usuario root. El ataque requiere un valor __c y un parámetro iomega."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:lenovo:lenovoemc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"4.1.402.34662","matchCriteriaId":"807B7582-8A34-4497-A2D7-BEF260790FD1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_ez_media_\\&_backup_center:-:*:*:*:*:*:*:*","matchCriteriaId":"76CDC771-1E75-4FA2-ACAD-6B76A3B41E87"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_ix2:-:*:*:*:*:*:*:*","matchCriteriaId":"2C6174F7-8D2C-4EA2-84B5-2F336C4921D3"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_ix2-dl:-:*:*:*:*:*:*:*","matchCriteriaId":"E19F81E4-64E2-42F3-8BF9-0E0B2C4B901B"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_ix4-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"FDCCCF7E-0A84-44DC-A48B-577183A4BA7C"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_px12-400r:-:*:*:*:*:*:*:*","matchCriteriaId":"D840F199-8607-470E-9AE9-97459C041C11"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_px12-450r:-:*:*:*:*:*:*:*","matchCriteriaId":"0ED64A7B-B398-4A21-A93A-17C9CF9D6AC8"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_px2-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"B10F7589-A7F5-4CA3-A959-0FC457EC605D"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_px4-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"179EC0F5-606D-4DC2-898A-D243AB12680F"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_px4-300r:-:*:*:*:*:*:*:*","matchCriteriaId":"D74B9A44-814D-4415-BC82-0C3BE0E6FCF1"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:iomega_storcenter_px6-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"EF84CD08-A8D6-4C6E-9A4C-BC32981EF8C9"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovo_ez_media_\\&_backup_center:-:*:*:*:*:*:*:*","matchCriteriaId":"9C52F618-C9B0-470B-96BB-3BFB01797D47"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovo_ix2:-:*:*:*:*:*:*:*","matchCriteriaId":"ED38E2D0-50BE-4D0F-AD79-BCC14FBF17E7"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovo_ix4-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"39F19015-369E-41F4-A543-7B56C08194B3"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px12-400r:-:*:*:*:*:*:*:*","matchCriteriaId":"6A437398-827A-4A22-AC7B-984BABEE328A"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px12-450r:-:*:*:*:*:*:*:*","matchCriteriaId":"24C29B73-FC3B-4440-B75B-7454E8AE5403"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px2-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"AE20E31A-28B9-4186-B3D0-60619799E8B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px4-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"BA4AD8BC-4BCA-4850-8058-AE4B669A4C89"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px4-300r:-:*:*:*:*:*:*:*","matchCriteriaId":"014B2DE3-3012-4821-8CC8-A90474C95DA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px4-400d:-:*:*:*:*:*:*:*","matchCriteriaId":"DC2EB779-CFAA-45BB-8D4B-DD6CFB31A34A"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px4-400r:-:*:*:*:*:*:*:*","matchCriteriaId":"1C208CA2-2928-43FC-8477-895738579855"},{"vulnerable":false,"criteria":"cpe:2.3:h:lenovo:lenovoemc_px6-300d:-:*:*:*:*:*:*:*","matchCriteriaId":"0AD5BFDB-E0A0-4C36-8102-05D5F0DAA87D"}]}]}],"references":[{"url":"https://support.lenovo.com/us/en/solutions/LEN-24224","source":"psirt@lenovo.com","tags":["Vendor Advisory"]},{"url":"https://support.lenovo.com/us/en/solutions/LEN-24224","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}