34 matches found
CVE-2023-6998
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...
CVE-2023-6998
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...
Privilege escalation
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...
CVE-2023-6998
CVE-2023-6998 describes an improper privilege management vulnerability in CoolKit Technology’s eWeLink app for Android and iOS, where versions prior to 5.2.0 allow a lockscreen bypass. The issue is characterized as a local vulnerability with no user interaction required, potentially affecting con...
CVE-2023-6998 Lockscreen bypass in eWeLink App
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...
CVE-2021-27941
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...
CVE-2021-27941
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...
CVE-2021-27941
The CVE-2021-27941 entry pertains to the eWeLink mobile application (QR code pairing mode) where unconstrained web access to the device’s private encryption key could let a physically proximate attacker monitor a device pairing process and eavesdrop on Wi‑Fi credentials and other sensitive inform...
IFTTT eWeLink 安全漏洞
IFTTT eWeLink is an IFTTT open source application. It provides remote switching of fans and lights, control of wind speed and dimming of lights. A security vulnerability exists in the eWeLink mobile application version 4.9.2 and earlier for Android and version 4.9.1 and earlier for iOS, which can...
CVE-2020-12702
Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...
CVE-2020-12702
Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...
CVE-2020-12702
Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...
CVE-2020-12702
CVE-2020-12702 concerns weak encryption in the Quick Pairing mode of the eWeLink mobile app (Android v4.9.2 and earlier; iOS v4.9.1 and earlier). The root cause is insufficient protection during the pairing process, enabling physically proximate attackers to eavesdrop on Wi‑Fi credentials and oth...
eWeLink - Exported components, External URLs, Native code usage vulnerabilities
HackApp vulnerability scanner discovered that application eWeLink published at the 'play' market has multiple vulnerabilities...