How severe is CVE-2018-17915?

CVE-2018-17915 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2018-17915

Name: xmeye_p2p_cloud_server
Author: xiongmaitech

9.8CRITICAL

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allo

发布于: 10/10/2018更新于: 11/21/2024

描述

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.

AI分析AI驱动

受影响产品

xiongmaitechxmeye_p2p_cloud_server

参考资料

https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06
Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06
Third Party AdvisoryUS Government Resource