5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.031 Low
EPSS
Percentile
91.1%
The Netmaster CBW700N wireless cable modem enables remote SNMP public access by default
CWE-200** - Information Exposure**
The Netmaster CBW700N wireless cable modem running software version 81.447.392110.729.024 was found to expose sensitive information such as username, password, and wifi keys via the SNMP public community string.
A remote unauthenticated attacker may be able to retrieve the username, password, and other sensitive information about the device.
The CERT/CC is currently unaware of a practical solution to this problem.
259548
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: July 17, 2014 Updated: August 15, 2014
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 5 | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Temporal | 4.3 | E:F/RL:U/RC:UC |
Environmental | 4.5 | CDP:LM/TD:M/CR:ND/IR:ND/AR:ND |
Thanks to Deral Heiland of Rapid7, Inc. for reporting this vulnerability.
This document was written by Chris King.
CVE IDs: | CVE-2014-4862 |
---|---|
Date Public: | 2014-08-21 Date First Published: |