CVE-2018-25146

EUVD-2025-205334
Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
VulnCheckCNA
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
microhardcorpipn4g_firmware
1.1.0:build1098
microhardcorpipn3gb_firmware
2.2.0:build2160
microhardcorpipn4gb_firmware
1.1.6:build1184-14
microhardcorpipn4gb_firmware
1.1.0:rev2_build1090-2
microhardcorpipn4gb_firmware
1.1.0:rev2_build1086
microhardcorpbullet-3g_firmware
1.2.0:reva_build1032
microhardcorpvip4gb_firmware
1.1.6:build_1204
microhardcorpvip4gb_firmware
1.1.6:rev3_build1184-14
microhardcorpvip4gb_wifi-n_firmware
1.1.6:rev2_build1196
microhardcorpbullet-3g_firmware
1.2.0:build1076
microhardcorpbullet-lte_firmware
1.2.0:build1078
microhardcorpipn3gii_firmware
1.2.0:build1076
microhardcorpipn4gii_firmware
1.2.0:build1078
microhardcorpbulletplus_firmware
1.3.0:build1036
microhardcorpdragon-lte_firmware
1.1.0:build1036
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.microhardcorp.com
https://www.exploit-db.com/exploits/45035
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5481.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5481.php