Showing 1 - 1 of 1

CVE-2018-17915

Status Candidate

Overview

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.

Related Files

XMeye P2P Cloud Remote Code Execution / Integrity Issues: Posted Oct 10, 2018; Authored by Stefan Viehboeck | Site sec-consult.com; XMeye P2P Cloud used with Xiongmai IP Cameras, NVRs and DVRs suffer from predictable Cloud IDs, default admin password, and various other issues that can result in remote code execution.; tags | exploit, remote, code execution; advisories | CVE-2018-17915, CVE-2018-17917, CVE-2018-17919; SHA-256 | 91c7dfdf6aeb957aa46e50283fc95205a17b991e8e99993f7b09e7fd6a521bdb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 64 files
Debian 22 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,175)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,140)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,480)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,022)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2018-17915

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems