CVE-2018-20384

CRITICAL

iNovo Broadband IB-8120-W21 and IB-8120-W21E1 Firmware - Unauthenticated Credential Exposure via SNMP OID Requests

Title source: llm
STIX 2.1

Description

iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0151
EPSS Percentile 71.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-522
Status published
Products (2)
inovobb/ib-8120-w21_firmware 139.4410mp1.004200.002
inovobb/ib-8120-w21e1_firmware 139.4410mp1.3921132mp1.899.004404.004
Published Dec 23, 2018
Tracked Since Feb 18, 2026