CVE-2018-5402— The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-5402
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感数据的明文传输
Source: NVD (National Vulnerability Database)
Vulnerability Title
Auto-Maskin DCU-210E、RP-210E和Marine Pro Observer Android App 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Auto-Maskin DCU-210E、RP-210E和Marine Pro Observer Android App都是挪威Auto-Maskin公司的产品。Auto-Maskin DCU-210E和RP-210E都是发动机控制面板。Marine Pro Observer Android App是一款基于Android平台的发动机控制应用程序。 Auto-Maskin DCU-210E、RP-210E和Marine Pro Observer Android App 3.7之前版本(ARMv7)中存在安
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Auto-Maskin | DCU-210E | 3.7 ~ 3.7 | - | |
| Auto-Maskin | RP-210E | 3.7 ~ 3.7 | - |
II. Public POCs for CVE-2018-5402
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-5402
Please Login to view more intelligence information
- https://www.us-cert.gov/ics/advisories/icsa-20-051-04x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-5402
Same Patch Batch · Auto-Maskin · 2018-10-08 · 4 CVEs total
| CVE-2018-5399 | The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, | |
| CVE-2018-5400 | The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App utilize an undocume | |
| CVE-2018-5401 | The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive |
IV. Related Vulnerabilities
Same weakness: CWE-319
- CVE-2025-59852
HCL DFXAnalytics is affected by an Insufficient Transport - CVE-2026-7610
TRENDnet TEW-821DAP Firmware Update ssi cleartext transmissi - CVE-2026-42514
Sensitive Data Exposure Vulnerability in e-Sushrut HMIS - CVE-2026-40431
SenseLive X3050 Cleartext transmission of sensitive informat - CVE-2026-41275
Flowise: Password Reset Link Sent Over Unsecured HTTP
V. Comments for CVE-2018-5402
No comments yet