CVE-2018-17919
UnknownEPSS 0.99%
Last modified
CVE-2018-17919 is a vulnerability of currently unknown severity. All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.. EPSS estimates a 0.99% chance of exploitation in the next 30 days.
Description
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Xiongmaitech | Xmeye P2p Cloud Server | All versions |
References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06Third Party Advisory, US Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-17919?
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.
How severe is CVE-2018-17919?
Severity scoring for CVE-2018-17919 is pending analysis. The EPSS model estimates a 0.99% probability of exploitation in the next 30 days.
How do I fix CVE-2018-17919?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2018-17919?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST