EUVD-2024-23041

Malicious code in bioql PyPI...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

The vulnerability of the eSmartCam surveillance application for wireless cameras of the ElinkSmart SKY30W series lies in the use of a rigidly encrypted cryptographic key called AES. This vulnerability allows a intruder to gain unauthorized access to protected information and carry out a “man-in-the-middle” attack.

The vulnerability of the eSmartCam surveillance application for wireless cameras of the ElinkSmart SKY30W series lies in the use of a rigidly encrypted cryptographic key called AES. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

Hardcoded credentials

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

Elink Smart eSmartCam Security Vulnerability

Elink Smart eSmartCam is a smart camera from Elink Smart. A security vulnerability exists in Elink Smart eSmartCam version 2.1.5, which stems from a vulnerability that allows an attacker to extract hard-coded AES encryption keys from a binary file...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

CVE-2024-25731

The Elink Smart eSmartCam com.cn.dq.ipc application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data e.g., over Wi-Fi...

CVE-2024-25731

The CVE-2024-25731 entry concerns the Android app Elink Smart eSmartCam (com.cn.dq.ipc) 2.1.5. The vulnerability is a hardcoded AES encryption key in the binary, enabling an attacker who observes traffic (e.g., over Wi‑Fi) to defeat encryption and potentially access protected data. Supported deta...

PT-2024-1988 · Elinksmart · Esmartcam

Name of the Vulnerable Software and Affected Versions: Elink Smart eSmartCam application version 2.1.5 Description: The issue is related to the use of hardcoded AES encryption keys in the application, which can be extracted from a binary file. This allows an attacker who can observe packet data,...