CVE-2018-17177

LOW Year: 2018
CVSS v3 Score
2.4
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-326
View all →

Vulnerability Description

An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character password of *^JEd4W!I that is obfuscated by hiding it within a custom /bin/rc4_crypt binary.

Related Vulnerabilities

CVE-2023-2197

LOW
CVSS:2.5(Low)

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with...

CWE-3262023

CVE-2024-45719

LOW
CVSS:2.6(Low)

Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can...

CWE-3262024

CVE-2025-2349

LOW
CVSS:3.1(Low)

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component...

CWE-3262025

CVE-2023-6728

LOW
CVSS:3.3(Low)

Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows an attacker in possession of the encrypted file to decrypt the bof.cfg file and obtain the BOF configura...

CWE-3262023

CVE-2018-1785

LOW
CVSS:3.7(Low)

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.

CWE-3262018

CVE-2020-25685

LOW
CVSS:3.7(Low)

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only us...

CWE-3262020