CVE-2018-12260

{"id": "CVE-2018-12260", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2018-06-12T18:29:00.677", "references": [{"url": "https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices"}, {"lang": "es", "value": "Se ha descubierto un problema en dispositivos Momentum Axel 720P 5.1.8. Se puede obtener la contrase\u00f1a root en texto claro enviando el comando \"showKey\" desde la interfaz de l\u00ednea de comandos root. Esta contrase\u00f1a podr\u00eda ser la misma en todos los dispositivos."}], "lastModified": "2024-11-21T03:44:52.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apollotechnologiesinc:momentum_axel_720p_firmware:5.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E6C0B73-09F5-4564-95B1-8D6EE44510B6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:apollotechnologiesinc:momentum_axel_720p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BE5DCE62-31E9-4C78-A4E4-88000392C7A2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}