Vulnerabilities > CVE-2018-11946 - Unspecified vulnerability in Google Android

047910
CVSS 6.1 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
COMPLETE
Availability impact
NONE
low complexity
google

Summary

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without authentication.

Vulnerable Configurations

Part Description Count
OS
Google
1