CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11946

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 6.1

References

https://source.codeaurora.org/quic/qsdk/oss/system/feeds/routing/commit/?id=3f625190fb469cb56de619eae6b5ca8db2463d5b
https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin
https://source.codeaurora.org/quic/qsdk/oss/system/feeds/routing/commit/?id=3f625190fb469cb56de619eae6b5ca8db2463d5b
https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin

Products affected by CVE-2018-11946

Google » Android » Version: N/A

cpe:2.3:o:google:android:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11946

Products

Pricing

Contact Us