cvedb.io
CVE-2018-5402
CRITICAL · CVSS 9.1
EPSS exploitation probability: 0%
Published 2018-10-08T15:29:02.977 · Last modified 2026-06-17T02:00:15.907

Summary

The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7.

Affected products

auto-maskin — rp_210e_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when auto-maskin ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.