Technicolor TC7110.AR SNMP Vulnerability [CVE-2018-20438]

CVE Number – CVE-2018-20438

A vulnerability has been found in Technicolor TC7110.AR STD3.38.03 and classified as problematic. This vulnerability affects a functionality. The manipulation as part of a SNMP Request leads to a information disclosure vulnerability (Credentials). The CWE definition for the vulnerability is CWE-200. As an impact it is known to affect confidentiality.

The weakness was presented 12/25/2018. This vulnerability was named CVE-2018-20438 since 12/25/2018. The attack can be initiated remotely. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 12/26/2018).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: