CVE-2018-16224
Description
iSmartAlarm Cube One versions up to 2.2.4.10 expose diagnostic files without authentication over TCP ports 12345 and 22306, leaking sensitive device information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CVE-2018-16224 describes an incorrect access control vulnerability in the iSmartAlarm Cube One through firmware version 2.2.4.10. The device exposes its diagnostic files on TCP ports 12345 and 22306 without requiring any authentication. An attacker can send a specially crafted TCP request to these ports to retrieve the files [1].
Exploitation
An attacker needs only network connectivity to the target device on ports 12345 or 22306. No authentication, user interaction, or privileged network position is required. The attacker simply crafts a TCP request to the open port and receives the diagnostic file in response [1].
Impact
Successful retrieval of the diagnostic files discloses sensitive information about the device, including credentials and other configuration data. This leakage can lead to full compromise of the device and may expose the user's home network to further attack [1].
Mitigation
iSmartAlarm has not released a patch for this vulnerability as of the available references. Firmware versions up to and including 2.2.4.10 are affected. Users should isolate the device on a separate network segment or block external access to ports 12345 and 22306 until a fix is provided. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of this writing [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <= 2.2.4.10
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/150165/QBee-Camera-iSmartAlarm-Credential-Disclosure.html (mitre, x_refsource_MISC)
- seclists.org/fulldisclosure/2018/Nov/2 (mitre, mailing-list, x_refsource_FULLDISC)