MEDIUM🇵🇱 Wersja polska

CVE-2018-17917

CVSS 5.3v3.0pub. 2018-10-10upd. 2024-11-21

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using this ID, the attacker can discover and connect to valid devices using one of the supported apps.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Xiongmaitech Xmeye P2p Cloud Server

    APP
    Xiongmaitech
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-17915CRITICAL9.8ten sam produkt

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communi...

CVE-2018-17919MEDIUM6.5ten sam produkt

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an u...

CVE-2025-65856CRITICAL9.8PL ✓ten sam vendor

Authentication bypass w kamerach IP Xiongmai XM530 — dostęp bez uwierzytelnienia

CVE-2022-45460CRITICAL9.8ten sam vendor

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02....

CVE-2021-41506CRITICAL9.8ten sam vendor

Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-...