Lucene search
K

4 matches found

Cvelist
Cvelist
added 2018/09/28 5:0 p.m.27 views

CVE-2018-5393 TP-Link EAP Controller versions 2.5.3 and earlier lack RMI authentication

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation RMI service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service...

9.9AI score0.1286EPSS
Exploits0References2
CVE
CVE
added 2018/09/28 5:0 p.m.65 views

CVE-2018-5393

The CVE-2018-5393 issue affects TP-LINK EAP Controller (incl. Linux) with RMI-based remote control and no authentication for RMI commands in versions 2.5.3 and earlier. A deserialization attack over Java RMI could allow a remote attacker to take control of the target server and execute Java funct...

10CVSS9.9AI score0.1286EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2018/09/26 5:10 p.m.13 views

CVE-2018-5393

creationtimestamp| type| source ---|---|--- 2018-09-26 17:10:06+00:00| seen| MISP/5babbc5a-a658-4b4b-8b94-2c060a021402...

10CVSS6.9AI score0.1286EPSS
Exploits0
CERT
CERT
added 2018/09/26 12:0 a.m.670 views

TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks

Overview The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. EAP Controller for Linux lacks user authentication for RMI service commands, as well as utilizes an outdated vulnerable version of Apache commons-collections, which may allow an...

10CVSS8.2AI score0.18763EPSS
Exploits1References5
Rows per page
Query Builder