CVE-2018-20398
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Affected (5)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 |
| Running on/with | Platform Versions |
|---|---|
Skyworthdigital Cm5100 | Version 2.1 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.1 |
| Running on/with | Platform Versions |
|---|---|
Skyworthdigital Cm5100 440 | Version 2.1 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1.0.14 |
| Running on/with | Platform Versions |
|---|---|
Skyworthdigital Cm5100 511 | Version 1.1 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.2 |
| Running on/with | Platform Versions |
|---|---|
Skyworthdigital Cm5100 Ghd00 | Version 2.1 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.1.0.17 |
| Running on/with | Platform Versions |
|---|---|
Skyworthdigital Cm5100.g2 | Version 5.11 |
References (4)
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Timeline
No history available yet.