First published: Sun Dec 23 2018(Updated: )
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Commscope Arris Sbg6580-2 Firmware | =d30gw-seaeagle-1.5.2.5-ga-00-nosh | |
Commscope Arris Sbg6580-2 | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-20386 is a vulnerability that allows remote attackers to discover credentials in ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices via SNMP requests.
CVE-2018-20386 has a severity rating of 9.8 (critical).
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices with firmware version d30gw-seaeagle-1.5.2.5-ga-00-nosh are affected.
Remote attackers can discover credentials in CVE-2018-20386 by sending SNMP requests with the iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 OIDs.
No, only Commscope Arris Sbg6580-2 devices with firmware version d30gw-seaeagle-1.5.2.5-ga-00-nosh are affected by CVE-2018-20386.