CVE-2018-20399

Name of the Vulnerable Software and Affected Versions Motorola SBG901 version 2.10.1.1-GA-00-581-NOSH Motorola SBG941 version 2.11.0.0-GA-07-624-NOSH Motorola SVG1202 version 2.1.0.0-GA-14-LTSH

Description The issue allows remote attackers to discover credentials via specific SNMP requests, including iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0.

Recommendations For Motorola SBG901 version 2.10.1.1-GA-00-581-NOSH, restrict access to the vulnerable SNMP requests until a patch is available. For Motorola SBG941 version 2.11.0.0-GA-07-624-NOSH, consider disabling SNMP to minimize the risk of exploitation. For Motorola SVG1202 version 2.1.0.0-GA-14-LTSH, avoid using the vulnerable SNMP endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.