Vulnerabilities > Xiongmaitech > Xmeye P2P Cloud Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-10-10 CVE-2018-17919 Use of Hard-coded Credentials vulnerability in Xiongmaitech Xmeye P2P Cloud Server
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.
network
low complexity
xiongmaitech CWE-798
6.4
6.4
2018-10-10 CVE-2018-17917 Information Exposure vulnerability in Xiongmaitech Xmeye P2P Cloud Server
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs.
network
low complexity
xiongmaitech CWE-200
5.0
5.0
2018-10-10 CVE-2018-17915 Missing Encryption of Sensitive Data vulnerability in Xiongmaitech Xmeye P2P Cloud Server
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication.
network
low complexity
xiongmaitech CWE-311
6.4
6.4