{"api_version":"1","generated_at":"2026-05-01T22:33:50+00:00","cve":"CVE-2018-8306","urls":{"html":"https://cve.report/CVE-2018-8306","api":"https://cve.report/api/cve/CVE-2018-8306.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-8306","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-8306"},"summary":{"title":"CVE-2018-8306","description":"A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software.","state":"PUBLIC","assigner":"secure@microsoft.com","published_at":"2018-07-11 00:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["CWE-77"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id/1041269","name":"1041269","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"Microsoft Wireless Display Adapter Flaw in Processing Administartive Input Lets Remote Authenticated Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/104621","name":"104621","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Microsoft Wireless Display Adapter CVE-2018-8306 Command Injection Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306","name":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306","refsource":"CONFIRM","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-8306","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8306","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"8306","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"microsoft","cpe5":"wireless_display_adapter","cpe6":"2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"microsoft","cpe5":"wireless_display_adapter","cpe6":"2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"wireless_display_adapter_firmware","cpe6":"2.0.8350","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"wireless_display_adapter_firmware","cpe6":"2.0.8365","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"wireless_display_adapter_firmware","cpe6":"2.0.8372","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"wireless_display_adapter_firmware","cpe6":"2.0.8350","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"wireless_display_adapter_firmware","cpe6":"2.0.8365","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"8306","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"wireless_display_adapter_firmware","cpe6":"2.0.8372","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@microsoft.com","ID":"CVE-2018-8306","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Microsoft Wireless Display Adapter V2 Software","version":{"version_data":[{"version_value":"Version 2.0.8350"},{"version_value":"Version 2.0.8365"},{"version_value":"Version 2.0.8372"}]}}]},"vendor_name":"Microsoft"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Remote Code Execution"}]}]},"references":{"reference_data":[{"name":"1041269","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1041269"},{"name":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306","refsource":"CONFIRM","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306"},{"name":"104621","refsource":"BID","url":"http://www.securityfocus.com/bid/104621"}]}},"nvd":{"publishedDate":"2018-07-11 00:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["CWE-77"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.1,"impactScore":3.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:A/AC:L/Au:S/C:P/I:P/A:P","accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":5.2},"severity":"MEDIUM","exploitabilityScore":5.1,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8350:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8365:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:microsoft:wireless_display_adapter_firmware:2.0.8372:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:microsoft:wireless_display_adapter:2:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"8306","Ordinal":"124661","Title":"CVE-2018-8306","CVE":"CVE-2018-8306","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"8306","Ordinal":"1","NoteData":"A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input, aka \"Microsoft Wireless Display Adapter Command Injection Vulnerability.\" This affects Microsoft Wireless Display Adapter V2 Software.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"8306","Ordinal":"2","NoteData":"2018-07-10","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"8306","Ordinal":"3","NoteData":"2018-07-11","Type":"Other","Title":"Modified"}]}}}