EUVD-2023-59190

Malicious code in bioql PyPI...

CVE-2024-3130

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2024-3130

CVE-2024-3130 affects CoolKit eWeLlink app prior to 5.4.x. The vulnerability is due to hard-coded credentials in the Android/iOS client, enabling a local attacker to access sensitive data via a decryption algorithm and a key obtainable after decompiling the app. Impact is confidential data exposu...

CVE-2024-3130 Insecure Data Storage leading to sensitive Information disclosure.

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2023-6998 Lockscreen bypass in eWeLink App

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

CVE-2020-12702

CVE-2020-12702 concerns weak encryption in the Quick Pairing mode of the eWeLink mobile app (Android v4.9.2 and earlier; iOS v4.9.1 and earlier). The root cause is insufficient protection during the pairing process, enabling physically proximate attackers to eavesdrop on Wi‑Fi credentials and oth...

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...