CVE-2018-6624
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html.
Los dispositivos OMRON NS desde la versión 1.1 hasta la 1.3 permite que los atacantes remotos omitan la autenticación mediante una petición directa al archivo .html para una pantalla específica, tal y como queda demostrado en monitor.html.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-02-05 CVE Reserved
- 2018-02-05 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-425: Direct Request ('Forced Browsing')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://misteralfa-hack.blogspot.cl/2018/02/otomron-login-bypass.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Omron Search vendor "Omron" | Ns Series Firmware Search vendor "Omron" for product "Ns Series Firmware" | >= 1.1 <= 1.3 Search vendor "Omron" for product "Ns Series Firmware" and version " >= 1.1 <= 1.3" | - |
Affected
| in | Omron Search vendor "Omron" | Ns10 Search vendor "Omron" for product "Ns10" | - | - |
Safe
|
| Omron Search vendor "Omron" | Ns Series Firmware Search vendor "Omron" for product "Ns Series Firmware" | >= 1.1 <= 1.3 Search vendor "Omron" for product "Ns Series Firmware" and version " >= 1.1 <= 1.3" | - |
Affected
| in | Omron Search vendor "Omron" | Ns12 Search vendor "Omron" for product "Ns12" | - | - |
Safe
|
| Omron Search vendor "Omron" | Ns Series Firmware Search vendor "Omron" for product "Ns Series Firmware" | >= 1.1 <= 1.3 Search vendor "Omron" for product "Ns Series Firmware" and version " >= 1.1 <= 1.3" | - |
Affected
| in | Omron Search vendor "Omron" | Ns15 Search vendor "Omron" for product "Ns15" | - | - |
Safe
|
| Omron Search vendor "Omron" | Ns Series Firmware Search vendor "Omron" for product "Ns Series Firmware" | >= 1.1 <= 1.3 Search vendor "Omron" for product "Ns Series Firmware" and version " >= 1.1 <= 1.3" | - |
Affected
| in | Omron Search vendor "Omron" | Ns5 Search vendor "Omron" for product "Ns5" | - | - |
Safe
|
| Omron Search vendor "Omron" | Ns Series Firmware Search vendor "Omron" for product "Ns Series Firmware" | >= 1.1 <= 1.3 Search vendor "Omron" for product "Ns Series Firmware" and version " >= 1.1 <= 1.3" | - |
Affected
| in | Omron Search vendor "Omron" | Ns8 Search vendor "Omron" for product "Ns8" | - | - |
Safe
|
| Omron Search vendor "Omron" | Ns Series Firmware Search vendor "Omron" for product "Ns Series Firmware" | >= 1.1 <= 1.3 Search vendor "Omron" for product "Ns Series Firmware" and version " >= 1.1 <= 1.3" | - |
Affected
| in | Omron Search vendor "Omron" | Nsh5 Search vendor "Omron" for product "Nsh5" | - | - |
Safe
|