CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-20396

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile21.38th
Published2018年12月23日
Last Modified2024年11月21日

Vulnerability Description

NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

Affected Platforms (CPE)

💻
Telaum

Ming2120j Firmware

= 5.76.1006c
💻
Telaum

Ming6300 Firmware

= 5.83.6305jrc2

References & Advisories

🔗 https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv
🔗 https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html
🔗 https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv
🔗 https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html

関連する脆弱性情報

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...

CVE-2018-100012410.0

I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.p...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-1071810.0

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to...