How severe is CVE-2018-3918?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2018-3918?

This is classified as CWE-707, which is a common weakness in software security.

CVE-2018-3918

MEDIUM Year: 2018

CVSS v3 Score

6.5

Medium

CVSS v2 Score

6.4

Medium

Weakness Type

CWE-707

View all →

Vulnerability Description

An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability.

CVE-2021-27493

MEDIUM

CVSS:6.5(Medium)

Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an u...

CWE-7072021

CVE-2022-3470

MEDIUM

CVSS:6.5(Medium)

A vulnerability was found in SourceCodester Human Resource Management System. It has been classified as critical. Affected is an unknown function of the file getstatecity.php. The manipulation of the ...

CWE-7072022

CVE-2022-3473

MEDIUM

CVSS:6.5(Medium)

A vulnerability classified as critical has been found in SourceCodester Human Resource Management System. This affects an unknown part of the file getstatecity.php. The manipulation of the argument ci...

CWE-7072022

CVE-2022-3825

MEDIUM

CVSS:6.5(Medium)

A vulnerability was found in Huaxia ERP 2.3 and classified as critical. Affected by this issue is some unknown functionality of the component User Management. The manipulation of the argument login le...

CWE-7072022

CVE-2020-36608

MEDIUM

CVSS:6.1(Medium)

A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS. Affected by this issue is some unknown functionality of the file admin_organizer.js of the component...

CWE-7072020

CVE-2020-36621

MEDIUM

CVSS:6.1(Medium)

A vulnerability, which was classified as problematic, has been found in chedabob whatismyudid. Affected by this issue is the function exports.enrollment of the file routes/mobileconfig.js. The manipul...

CWE-7072020

CVE-2018-3918

Vulnerability Description

Related Vulnerabilities

CVE-2021-27493

CVE-2022-3470

CVE-2022-3473

CVE-2022-3825

CVE-2020-36608

CVE-2020-36621