CVE-2018-20392

CVE Database · CVE-2018-20392

CVE-2018-20392

· N/AModified

CVSS v3.1

N/A

EPSS

1.65%

Published

Dec 23, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

Weaknesses (CWE)

CWE-522

Affected Products (2)

cisco · dpc2100_firmwarevulnerable

cisco · dpc2100

References (4)

https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv

Third Party Advisory

https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html

ExploitThird Party Advisory

https://github.com/ezelf/sensitivesOids/blob/master/oidpassswordleaks.csv

Third Party Advisory

https://misteralfa-hack.blogspot.com/2018/12/stringbleed-y-ahora-que-passwords-leaks.html

ExploitThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs