CVE-2019-11321

An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
motorolacx2_firmware
1.01
motorolam2_firmware
1.01
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/TeamSeri0us/pocs/blob/master/iot/motorola.pdf
https://github.com/TeamSeri0us/pocs/blob/master/iot/motorola.pdf