CVE-2018-1000049

CVE: CVE-2018-1000049
Published: 2018-02-09T23:29Z
Vendor: nanopool
Products: claymore_dual_miner
Versions: 7.3,
Description Language: en
Description: nanopool Claymore Dual Miner version 7.3 and earlier contains a Remote Code Execution vulnerability in API that can result in RCE by abusing the remote manager API. This attack appear to be exploitable via The victim must run the miner with read/write mode enabled.
References:
https://reversebrain.github.io/2018/02/01/Claymore-Dual-Miner-Remote-Code-Execution/