CVE-2018-17969

CRITICAL

Samsung Scx-6545x Firmware - Insufficiently Protected Credentials

Title source: rule

Description

Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests.

References (1)

[Exploit, Third Party Advisory] http://misteralfa-hack.blogspot.com/2018/10/samsung-printer-passwordleak.html

Scores

CVSS v3 9.8

EPSS 0.0047

EPSS Percentile 64.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-522

Status published

Affected Products (1)

samsung/scx-6545x_firmware

Timeline

Published Oct 03, 2018

Tracked Since Feb 18, 2026