CVE-2018-17919

MEDIUM

XMeye P2P Cloud Server - Info Disclosure

Title source: llm

Description

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.

References (1)

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-18-282-06

Scores

CVSS v3 6.5

EPSS 0.0013

EPSS Percentile 31.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE

CWE-912 CWE-798

Status published

Products (1)

xiongmaitech/xmeye_p2p_cloud_server

Published Oct 10, 2018

Tracked Since Feb 18, 2026