MEDIUM🇬🇧 English

CVE-2018-17917

CVSS 5.3v3.0pub. 2018-10-10upd. 2024-11-21

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Xiongmaitech Xmeye P2p Cloud Server

    APP
    Xiongmaitech
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-17915CRITICAL9.8ten sam produkt

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communi...

CVE-2018-17919MEDIUM6.5ten sam produkt

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an u...

CVE-2025-65856CRITICAL9.8PL ✓ten sam vendor

Authentication bypass w kamerach IP Xiongmai XM530 — dostęp bez uwierzytelnienia

CVE-2022-45460CRITICAL9.8ten sam vendor

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02....

CVE-2021-41506CRITICAL9.8ten sam vendor

Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-...