cve/2018/CVE-2018-17919.md

### [CVE-2018-17919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17919)
![](https://img.shields.io/static/v1?label=Product&message=XMeye%20P2P%20Cloud%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=HIDDEN%20FUNCTIONALITY%20CWE-912&color=brighgreen)

### Description

All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-17919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17919)`
			`![](https://img.shields.io/static/v1?label=Product&message=XMeye%20P2P%20Cloud%20Server&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=HIDDEN%20FUNCTIONALITY%20CWE-912&color=brighgreen)`

			`### Description`

			`All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation`