Vulnerabilities > Insufficiently Protected Credentials

DATE CVE VULNERABILITY TITLE RISK
2018-12-23 CVE-2018-20389 Insufficiently Protected Credentials vulnerability in D-Link Dcm-604 Firmware and Dcm-704 Firmware
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
d-link CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20388 Insufficiently Protected Credentials vulnerability in Comtrend Cm-6200Un Firmware and Cm-6300N Firmware
Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
comtrend CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20387 Insufficiently Protected Credentials vulnerability in Bnmux products
Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
bnmux CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20386 Insufficiently Protected Credentials vulnerability in Commscope Arris Sbg6580-2 Firmware D30Gwseaeagle1.5.2.5Ga00Nosh
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
commscope CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20385 Insufficiently Protected Credentials vulnerability in Castlenet products
CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT, CBW383G4J 37.556mp5.008, and CBW38G4J 37.553mp1.008 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
castlenet CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20384 Insufficiently Protected Credentials vulnerability in Inovobb Ib-8120-W21 Firmware and Ib-8120-W21E1 Firmware
iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
inovobb CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20383 Insufficiently Protected Credentials vulnerability in multiple products
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
commscope arris CWE-522
critical
 9.8
9.8
2018-12-23 CVE-2018-20382 Insufficiently Protected Credentials vulnerability in Jezetek-Intl Bcm93383Wrg Firmware 3.0.7
Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
jezetek-intl CWE-522
critical
 9.8
9.8
2018-12-20 CVE-2018-17245 Insufficiently Protected Credentials vulnerability in Elastic Kibana
Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports.
network
low complexity
elastic CWE-522
critical
 9.8
9.8
2018-12-20 CVE-2018-1000851 Insufficiently Protected Credentials vulnerability in Copay Bitcoin Wallet
Copay Bitcoin Wallet version 5.01 to 5.1.0 included.
network
low complexity
copay CWE-522
critical
 9.8
9.8