PT-2018-15348 · Netwave · Netwave Mng6200

Capitan Alfalo

·

Publicado

2018-12-23

·

Atualizado

2019-10-03

·

CVE-2018-20395

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices (affected versions not specified)
Description The issue allows remote attackers to discover credentials via specific SNMP requests, including "iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0" and "iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0".
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2018-20395

Produtos afetados

Netwave Mng6200