CVE-2018-17915
N/A
N/A
Summary
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hangzhou Xiongmai Technology Co., Ltd | XMeye P2P Cloud Server | All versions | affected |
Weaknesses
- CWE-311: MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.