CPE matches: cpe:2.3:o:maipu:mp1800x-50_firmware:18.104.22.168\(r\):*:*:*:*:*:*:*
The web interface of Maipu MP1800X-50 22.214.171.124(R) devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime. This is similar to CVE-2019-1653.
- Limited access to information.
- Remote attacking is possible through the network and can be done by anyone (requires no authentication).
- No user interaction is required.
- The attack is estimated to have a high success rate, once attempted.
Damage and attack conditions obtained from CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (CVSSv3)