Login
    Contents x
    Is Netreo affected by the DHCP Command injection vulnerability?
    • 11 Jan 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Is Netreo affected by the DHCP Command injection vulnerability?

    • Updated on 11 Jan 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Short Answer
    No. Netreo is NOT vulnerable to this exploit.

    Updated: 17 May 2018

    In May 2018, A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in CentOS, Fedora, and Red Hat Enterprise Linux. This exploit was cataloged as CVE-2018-1111. Netreo has evaluated this vulnerability and determined that our products are NOT vulnerable to these exploits, and that they pose no increased risk to Netreo appliances.

    Although our Netreo appliances do use a CentOS-based software image, Netreo and the underlying KVM image do not use DHCP and do not use the NetworkManager framework. Netreo is therefore unaffected by this vulnerability.

    Netreo also includes intrusion prevention technology to dynamically respond to attempts to gain unauthorized access. Please see theNetreo Appliance Security page for more information.

    If you have any concerns, please feel free to contact Netreo Support.

    Was this article helpful?
    What's Next
    PLATFORM
    WHY NETREO?
    SOLUTIONS BY INITIATIVE
    SOLUTIONS BY INDUSTRY
    SOLUTIONS BY JOB FUNCTION
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout