Skip to main content

Thinkserver Rd340 Firmware

2 CVEs product

Monthly

CVE-2018-9086 HIGH PATCH This Week

In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Lenovo RCE Command Injection Thinkserver Rd340 Firmware Thinkserver Rd440 Firmware +2
NVD
CVSS 3.0
7.2
EPSS
2.4%
CVE-2017-3753 MEDIUM This Month

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Lenovo Ideacentre 300 20Ish Firmware Ideacentre 300S 11Ish Firmware +109
NVD
CVSS 3.0
6.8
EPSS
0.0%
EPSS 2% CVSS 7.2
HIGH PATCH This Week

In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Lenovo RCE Command Injection +4
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability has been identified in some Lenovo products that use UEFI (BIOS) code developed by American Megatrends, Inc. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Lenovo +111
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy