CVE-2018-20398

🗓️ 23 Dec 2018 21:01:29Reported by mitreType

CVE-2018-20398 Skyworth CM5100 devices allow remote attackers to discover credentials via SNMP requests

Reporter	Title	Published	Views	Family All 3
NVD	CVE-2018-20398	23 Dec 201821:29	–	nvd
Cvelist	CVE-2018-20398	23 Dec 201821:00	–	cvelist
Prion	Code injection	23 Dec 201821:29	–	prion

Nvd

Node

skyworthdigital cm5100_firmwareMatch1.1.0

AND

skyworthdigital cm5100Match2.1

Node

skyworthdigital cm5100-440_firmwareMatch1.2.1

AND

skyworthdigital cm5100-440Match2.1

Node

skyworthdigital cm5100-511_firmwareMatch4.1.0.14

AND

skyworthdigital cm5100-511Match1.1

Node

skyworthdigital cm5100-ghd00_firmwareMatch1.2.2

AND

skyworthdigital cm5100-ghd00Match2.1

Node

skyworthdigital cm5100.g2_firmwareMatch4.1.0.17

AND

skyworthdigital cm5100.g2Match5.11

Source	Link
github	www.github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv
misteralfa-hack	www.misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Dec 2018 21:29Current

9.4High risk

Vulners AI Score9.4

CVSS25

CVSS39.8

EPSS0.0229

CWE-522