Lucene search
+L

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-7468

Malware in sbrugna...

7.8CVSS7.9AI score0.00409EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2016-7469

Malware in sbrugna...

9.8CVSS9.5AI score0.03707EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-7470

Malware in sbrugna...

4.3CVSS5.2AI score0.01079EPSS
Exploits1References4
NVD
NVD
added 2018/07/13 8:29 p.m.14 views

CVE-2016-6548

The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain the user's authenticated session token with the URL. An attacker can capture these requests and reuse the session token to gain full access the user's account...

9.8CVSS9.5AI score0.03707EPSS
Exploits1References3
Prion
Prion
added 2018/07/13 8:29 p.m.14 views

Code injection

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...

3.3CVSS7.2AI score0.01079EPSS
Exploits1References3
Prion
Prion
added 2018/07/13 8:29 p.m.15 views

Design/Logic Flaw

The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file...

2.1CVSS7.2AI score0.00409EPSS
Exploits1References3
NVD
NVD
added 2018/07/13 8:29 p.m.13 views

CVE-2016-6549

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...

4.3CVSS4.7AI score0.01079EPSS
Exploits1References3
NVD
NVD
added 2018/07/13 8:29 p.m.17 views

CVE-2016-6547

The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file...

7.8CVSS7.7AI score0.00409EPSS
Exploits1References3
Prion
Prion
added 2018/07/13 8:29 p.m.13 views

Design/Logic Flaw

The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain the user's authenticated session token with the URL. An attacker can capture these requests and reuse the session token to gain full access the user's account...

5CVSS7.1AI score0.03707EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/07/13 8:0 p.m.23 views

CVE-2016-6548 Zizai Tech Nut mobile application makes requests using HTTP, which includes the users session token

The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain the user's authenticated session token with the URL. An attacker can capture these requests and reuse the session token to gain full access the user's account...

9.6AI score0.03707EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/07/13 8:0 p.m.19 views

CVE-2016-6547 Zizai Tech Nut stores the account password in cleartext

The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file...

8.3AI score0.00409EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/07/13 8:0 p.m.16 views

CVE-2016-6549 Zizai Tech Nut allows for unauthenticated Bluetooth pairing

The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to the device name attribute...

5.7AI score0.01079EPSS
Exploits1References3
CVE
CVE
added 2018/07/13 8:0 p.m.42 views

CVE-2016-6548

The CVE-2016-6548 entry concerns the Zizai Tech Nut mobile app, where HTTP requests leak the user’s authenticated session token in the URL. This exposes the session token to network-level observers, enabling potential account takeover since the token can be reused to access the user’s account. Th...

9.8CVSS9.6AI score0.03707EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2018/07/13 8:0 p.m.42 views

CVE-2016-6549

The CVE-2016-6549 entry concerns the Zizai Tech Nut device, where unauthenticated Bluetooth pairing enables unauthenticated connected applications to write data to the device name attribute. Affected component is the Nut device’s Bluetooth pairing/authentication logic, with impact limited to mani...

4.3CVSS4.7AI score0.01079EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2018/07/13 8:0 p.m.44 views

CVE-2016-6547

The CVE-2016-6547 issue affects the Zizai Tech Nut mobile app, where the account password used to authenticate to the cloud API is stored in cleartext in the cache.db file. This creates a local information exposure risk, enabling a user with access to the device to retrieve sensitive credentials....

7.8CVSS7.6AI score0.00409EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2016/10/28 12:0 a.m.5 views

Zizai Tech Nut Plaintext Password Vulnerability

Zizai Tech Nut is a Nut smart finder and anti-loss patch product from China's Zizai Tech. Zizai Tech Nut stores passwords in plaintext. A remote attacker could exploit this vulnerability to track a user's location...

7.8CVSS6.9AI score0.00409EPSS
Exploits1References1
CNVD
CNVD
added 2016/10/28 12:0 a.m.5 views

Zizai Tech Nut Design Vulnerability

Zizai Tech Nut is a Nut smart finder and anti-loss patch product from China's Zizai Tech. Zizai Tech Nut allows unauthorized pairing of Bluetooth devices, which can be exploited by a remote attacker to submit a special request to write data to the device name attribute...

4.3CVSS7AI score0.01079EPSS
Exploits1References1
CERT
CERT
added 2016/10/25 12:0 a.m.45 views

Zizai Tech Nut contains multiple vulnerabilities

Overview Zizai Tech Nut contains multiple vulnerabilities including sensitive information exposure and missing authentication. Description CWE-313: Cleartext Storage in a File or on Disk - CVE-2016-6547The Nut mobile app stores the account password used to authenticate to the cloud API in...

9.8CVSS6.8AI score0.03707EPSS
Exploits3References2
Rows per page
Query Builder