Critical severity9.8NVD Advisory· Published Jun 2, 2018· Updated Jun 17, 2026
CVE-2018-11681
CVE-2018-11681
Description
Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
3- sadfud.me/explotos/CVE-2018-11629nvdThird Party Advisory
- reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/nvdMitigationThird Party Advisory
- www.lutron.com/TechnicalDocumentLibrary/040249.pdfnvd
News mentions
0No linked articles in our index yet.