Showing 1 - 1 of 1

CVE-2018-17915

Status Candidate

Overview

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.

Related Files

XMeye P2P Cloud Remote Code Execution / Integrity Issues: Posted Oct 10, 2018; Authored by Stefan Viehboeck | Site sec-consult.com; XMeye P2P Cloud used with Xiongmai IP Cameras, NVRs and DVRs suffer from predictable Cloud IDs, default admin password, and various other issues that can result in remote code execution.; tags | exploit, remote, code execution; advisories | CVE-2018-17915, CVE-2018-17917, CVE-2018-17919; SHA-256 | 91c7dfdf6aeb957aa46e50283fc95205a17b991e8e99993f7b09e7fd6a521bdb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 240 files
indoushka 87 files
Ubuntu 85 files
Debian 22 files
LiquidWorm 21 files
Gentoo 8 files
Google Security Research 8 files
malvuln 5 files
Seth Jenkins 4 files
Emiliano Febbi 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,147)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,669)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,125)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,946)
UNIX (9,470)
UnixWare (188)
Windows (6,784)
Other

CVE-2018-17915

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems