The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2018-10-08T15:00:00Z
Updated: 2024-09-16T17:28:38.924Z
Reserved: 2018-01-12T00:00:00
Link: CVE-2018-5402
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-10-08T15:29:02.977
Modified: 2024-11-21T04:08:44.850
Link: CVE-2018-5402
Redhat
No data.