CVE-1999-0508

Router/FW - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0508. Includes Metasploit module auxiliary/scanner/snmp/snmp_enum.

AI-analyzed exploit summary This Metasploit module performs SNMP enumeration by querying various OIDs to gather system, network, and user information from devices with SNMP support. It does not exploit a vulnerability but leverages weak default credentials (e.g., 'public' community string).

Description

An account on a router, firewall, or other network device has a default, null, blank, or missing password.

Exploits (2)

metasploit SCANNER
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/snmp/snmp_enum.rb

This Metasploit module performs SNMP enumeration by querying various OIDs to gather system, network, and user information from devices with SNMP support. It does not exploit a vulnerability but leverages weak default credentials (e.g., 'public' community string).

Classification
Scanner 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: SNMP-enabled devices (various vendors)
Auth required
Prerequisites: SNMP service accessible · Valid SNMP community string (default: 'public')
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit SCANNER
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/snmp/snmp_login.rb

This Metasploit module scans SNMP devices for weak community strings by brute-forcing common credentials. It supports SNMP v1 and v2c, and reports successful logins with system description proof.

Classification
Scanner 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: SNMP-enabled devices (v1/v2c)
No auth needed
Prerequisites: Network access to SNMP port (161/UDP or TCP) · List of common community strings
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0508

Scores

EPSS 0.0356
EPSS Percentile 87.8%

Details

Status published
Published Jun 01, 1998
Tracked Since Feb 18, 2026