Vulnerabilities > Xiongmaitech

DATE CVE VULNERABILITY TITLE RISK
2018-10-10 CVE-2018-17917 Information Exposure vulnerability in Xiongmaitech Xmeye P2P Cloud Server
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs.
network
low complexity
xiongmaitech CWE-200
5.3
2018-10-10 CVE-2018-17915 Missing Encryption of Sensitive Data vulnerability in Xiongmaitech Xmeye P2P Cloud Server
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication.
network
low complexity
xiongmaitech CWE-311
critical
9.8
2018-06-08 CVE-2018-10088 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xiongmaitech Uc-Httpd 1.0.0
Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
network
low complexity
xiongmaitech CWE-119
critical
9.8
2017-12-20 CVE-2017-16725 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xiongmaitech products
A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface.
network
low complexity
xiongmaitech CWE-119
critical
9.8
2017-04-07 CVE-2017-7577 Path Traversal vulnerability in Xiongmaitech Uc-Httpd
XiongMai uc-httpd has directory traversal allowing the reading of arbitrary files via a "GET ../" HTTP request.
network
low complexity
xiongmaitech CWE-22
critical
9.8