CVE-2018-20398

Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:skyworthdigital:cm5100_firmware:1.1.0:*:*:*:*:*:*:*
cpe:2.3:h:skyworthdigital:cm5100:2.1:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:skyworthdigital:cm5100-440_firmware:1.2.1:*:*:*:*:*:*:*
cpe:2.3:h:skyworthdigital:cm5100-440:2.1:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:skyworthdigital:cm5100-511_firmware:4.1.0.14:*:*:*:*:*:*:*
cpe:2.3:h:skyworthdigital:cm5100-511:1.1:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:skyworthdigital:cm5100-ghd00_firmware:1.2.2:*:*:*:*:*:*:*
cpe:2.3:h:skyworthdigital:cm5100-ghd00:2.1:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:skyworthdigital:cm5100.g2_firmware:4.1.0.17:*:*:*:*:*:*:*
cpe:2.3:h:skyworthdigital:cm5100.g2:5.11:*:*:*:*:*:*:*

Information

Published : 2018-12-23 13:29

Updated : 2019-10-02 17:03


NVD link : CVE-2018-20398

Mitre link : CVE-2018-20398


JSON object : View

CWE
CWE-522

Insufficiently Protected Credentials

Advertisement

dedicated server usa

Products Affected

skyworthdigital

  • cm5100.g2_firmware
  • cm5100-ghd00_firmware
  • cm5100.g2
  • cm5100-511_firmware
  • cm5100-440
  • cm5100
  • cm5100-511
  • cm5100-ghd00
  • cm5100_firmware
  • cm5100-440_firmware