CVE-2018-18205
HIGHTopvision CC8800 CMTS C-E - Exposure of Sensitive Information via Direct Request
Title source: llmDescription
Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.cnvd.org.cn/flaw/show/1420913
Third Party Advisory x_refsource_misc
https://github.com/pudding2/CC8800-CMTS
Scores
CVSS v3
7.5
EPSS
0.0258
EPSS Percentile
83.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
top-vision/cc8800ce_firmware
Published
Mar 15, 2019
Tracked Since
Feb 18, 2026