Lucene search
IcscertCVELIST:CVE-2018-17915HistoryOct 09, 2018 - 12:00 a.m.
CVE-2018-17915
2018-10-0900:00:00
CWE-311
icscert
www.cve.org
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.
CNA Affected
[
{
"product": "XMeye P2P Cloud Server",
"vendor": "Hangzhou Xiongmai Technology Co., Ltd",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
]Related
cve
cve
CVE-2018-17915
2018-10-10 15:29:00
nvd
nvd
CVE-2018-17915
2018-10-10 15:29:00
prion
prion
Code injection
2018-10-10 15:29:00
qualysblog
qualysblog
Apple, Amazon in a Tussle with Bloomberg over Spy Chips Report
2018-10-16 15:34:43
zdt
zdt
XMeye P2P Cloud Remote Code Execution / Integrity Issues Vulnerabilities
2018-10-10 00:00:00
krebs
krebs
Naming & Shaming Web Polluters: Xiongmai
2018-10-10 00:41:56
ics
ics
Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server
2018-10-09 12:00:00
packetstorm
packetstorm
XMeye P2P Cloud Remote Code Execution / Integrity Issues
2018-10-10 00:00:00