How severe is CVE-2018-10989?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2018-10989?

This is classified as CWE-1188, which is a common weakness in software security.

CVE-2018-10989 - MEDIUM Severity | CVSS 6.6

Vulnerability Description

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password."

Related Vulnerabilities

CVE-2021-0468

MEDIUM

CVSS:6.6(Medium)

In LK, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege for an attacker who has physical access to the device with no addi...

CWE-11882021

CVE-2020-12732

MEDIUM

CVSS:6.5(Medium)

DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.

CWE-11882020

CVE-2021-41192

MEDIUM

CVSS:6.5(Medium)

Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment...

CWE-11882021

CVE-2022-32480

MEDIUM

CVSS:6.5(Medium)

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated atta...

CWE-11882022

CVE-2023-31101

MEDIUM

CVSS:6.5(Medium)

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined ...

CWE-11882023

CVE-2023-5368

MEDIUM

CVSS:6.5(Medium)

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather...

CWE-11882023