{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"dateAssigned":"2018-06-23T00:00:00.000Z","datePublic":"2018-06-26T00:00:00.000Z","descriptions":[{"lang":"en","value":"Busybox contains a Missing SSL certificate validation vulnerability in The \"busybox wget\" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using \"busybox wget https://compromised-domain.com/important-file\"."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-09-24T19:06:28.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://lists.busybox.net/pipermail/busybox/2018-May/086462.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91"},{"name":"USN-4531-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"https://usn.ubuntu.com/4531-1/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","DATE_ASSIGNED":"2018-06-23T11:22:32.999650","DATE_REQUESTED":"2018-05-27T16:58:52","ID":"CVE-2018-1000500","REQUESTER":"eschwartz@archlinux.org","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Busybox contains a Missing SSL certificate validation vulnerability in The \"busybox wget\" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using \"busybox wget https://compromised-domain.com/important-file\"."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://lists.busybox.net/pipermail/busybox/2018-May/086462.html","refsource":"MISC","url":"http://lists.busybox.net/pipermail/busybox/2018-May/086462.html"},{"name":"https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91","refsource":"CONFIRM","url":"https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91"},{"name":"USN-4531-1","refsource":"UBUNTU","url":"https://usn.ubuntu.com/4531-1/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T12:40:47.005Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://lists.busybox.net/pipermail/busybox/2018-May/086462.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91"},{"name":"USN-4531-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"https://usn.ubuntu.com/4531-1/"}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-295","lang":"en","description":"CWE-295 Improper Certificate Validation"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":6.5,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","integrityImpact":"LOW","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-06-09T15:30:36.484932Z","id":"CVE-2018-1000500","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-09T15:31:44.363Z"}}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2018-1000500","datePublished":"2018-06-26T16:00:00.000Z","dateReserved":"2018-05-27T00:00:00.000Z","dateUpdated":"2025-06-09T15:31:44.363Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}