Insecure SSL Versions in Kraftway 24F2XG Router Firmware
CVE-2018-15355

5.9MEDIUM

Key Information:

Vendor: Kaspersky
Status: Kraftway
Vendor: CVE Published:; 17 August 2018

What is CVE-2018-15355?

The Kraftway 24F2XG Router firmware version 3.5.30.1118 is vulnerable due to the usage of outdated SSL protocols, specifically SSLv2 and SSLv3. This vulnerability allows attackers to exploit weaknesses in these protocols, potentially leading to the decryption of transmitted data. Users are advised to upgrade their firmware to secure their network and protect sensitive information from unauthorized access.

Affected Version(s)

Kraftway Kraftway 24F2XG Router firmware 3.5.30.1118

References

https://ics-cert.kaspersky.com/advisories/klcert-advisori...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 17, 2018
Vulnerability Reserved
Aug 15, 2018

Kaspersky

What is CVE-2018-15355?

Affected Version(s)

References

CVSS V3.1

Timeline