CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11641

Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://d3adend.org/blog/?p=1398
https://d3adend.org/blog/?p=1398

Products affected by CVE-2018-11641

Dialogic » Powermedia Xms » Version: 3.5

cpe:2.3:a:dialogic:powermedia_xms:3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11641

Products

Pricing

Contact Us