CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:apollotechnologiesinc:momentum_axel_720p_firmware:5.1.8:*:*:*:*:*:*:*
cpe:2.3:h:apollotechnologiesinc:momentum_axel_720p:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:44

Type Values Removed Values Added
References () https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf - Exploit, Third Party Advisory () https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf - Exploit, Third Party Advisory

Information

Published : 2018-06-12 18:29

Updated : 2024-11-21 03:44


NVD link : CVE-2018-12260

Mitre link : CVE-2018-12260

CVE.ORG link : CVE-2018-12260


JSON object : View

Products Affected

apollotechnologiesinc

  • momentum_axel_720p_firmware
  • momentum_axel_720p
CWE
CWE-522

Insufficiently Protected Credentials