Vulnerabilities > CVE-2018-20380 - Unspecified vulnerability in Ubeeinteractive products

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ubeeinteractive

critical

NVD

Published: 2018-12-23

Updated: 2020-08-24

Summary

Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

Vulnerable Configurations

Part	Description	Count
OS	Ubeeinteractive Ubeeinteractive Ambit Ddw2600 Firmware 5.100.1009 Ubeeinteractive Ambit Ddw2602 Firmware 5.105.1003 Ubeeinteractive Ambit T60C926 Firmware 4.64.1012 Ubeeinteractive Ambit U10C019 Firmware 5.66.1026	4
Hardware	Ubeeinteractive Ubeeinteractive Ambit Ddw2600 - Ubeeinteractive Ambit Ddw2602 - Ubeeinteractive Ambit T60C926 - Ubeeinteractive Ambit U10C019 -	4

Summary

Vulnerable Configurations

References