CyberSec.Space Logo
Back to CVE Browser

CVE-2018-20401

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0450%
EPSS Percentile28.61th
PublishedDec 23, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

Affected Platforms (CPE)

πŸ’»
Zoomtel

5352 Firmware

= 5.5.8.6y

References & Advisories

πŸ”— https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv
πŸ”— https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html
πŸ”— https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv
πŸ”— https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html

Related Vulnerabilities

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...