cvedb.io
CVE-2018-18908
MEDIUM · CVSS 5.9
EPSS exploitation probability: 0%
Published 2019-01-20T20:29:00.460 · Last modified 2026-06-17T01:48:06.577

Summary

The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests over cleartext HTTP. This makes the data submitted in these requests prone to Man in The Middle (MiTM) attacks, whereby an attacker would be able to obtain the data sent in these requests. Some of the requests contain potentially sensitive information that could be useful to an attacker, such as the victim's Sky username.

Affected products

sky — sky_go

Does this affect you?

Add your gear to cvedb and we'll alert you only when sky ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.