How severe is CVE-2018-5402?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2018-5402?

This is classified as CWE-319, which is a common weakness in software security.

CVE-2018-5402 - HIGH Severity | CVSS 8.8

Vulnerability Description

The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7.

Related Vulnerabilities

CVE-2018-11050

HIGH

CVSS:8.8(High)

Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing P...

CWE-3192018

CVE-2018-8842

HIGH

CVSS:8.8(High)

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorize...

CWE-3192018

CVE-2019-12504

HIGH

CVSS:8.8(High)

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a vi...

CWE-3192019

CVE-2019-16924

HIGH

CVSS:8.8(High)

The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock.

CWE-3192019

CVE-2019-9101

HIGH

CVSS:8.8(High)

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sen...

CWE-3192019

CVE-2020-15054

HIGH

CVSS:8.8(High)

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencr...

CWE-3192020