CM5100-511
by Skyworth
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-20398 | Cri | 0.64 | 9.8 | 0.02 | Dec 23, 2018 | Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | ||
| CVE-2023-51741 | Hig | 0.49 | 7.5 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and… | ||
| CVE-2023-51740 | Hig | 0.49 | 7.5 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and… | ||
| CVE-2023-51739 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51737 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51734 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially… | ||
| CVE-2023-51731 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter… | ||
| CVE-2023-51728 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51727 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51726 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Server Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51725 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Contact Email Address parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to… | ||
| CVE-2023-51724 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the URL parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at… | ||
| CVE-2023-51723 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Description parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51722 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 3 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51721 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51720 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 1 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… | ||
| CVE-2023-51719 | Med | 0.45 | 6.9 | 0.00 | Jan 17, 2024 | This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the… |
- risk 0.64cvss 9.8epss 0.02
Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
- risk 0.49cvss 7.5epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…
- risk 0.49cvss 7.5epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this vulnerability by eavesdropping on the victim’s network traffic to extract username and…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Identity parameter under Remote endpoint settings at its web interface. A remote attacker could exploit this vulnerability by supplying specially…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Password parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Username parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Server Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Contact Email Address parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the URL parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Description parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 3 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 2 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Time Server 1 parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…
- risk 0.45cvss 6.9epss 0.00
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the…