Lucene search
K

34 matches found

NVD
NVD
added 2023/12/30 7:15 p.m.26 views

CVE-2023-6998

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...

7.7CVSS0.00238EPSS
Exploits0References3
OSV
OSV
added 2023/12/30 7:15 p.m.3 views

CVE-2023-6998

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...

7.7CVSS5.8AI score0.00238EPSS
Exploits0References3
Prion
Prion
added 2023/12/30 7:15 p.m.14 views

Privilege escalation

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...

3.6CVSS6.9AI score0.00238EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/12/30 6:32 p.m.49 views

CVE-2023-6998

CVE-2023-6998 describes an improper privilege management vulnerability in CoolKit Technology’s eWeLink app for Android and iOS, where versions prior to 5.2.0 allow a lockscreen bypass. The issue is characterized as a local vulnerability with no user interaction required, potentially affecting con...

7.7CVSS7.3AI score0.00238EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/12/30 6:32 p.m.30 views

CVE-2023-6998 Lockscreen bypass in eWeLink App

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0...

7.7CVSS7.5AI score0.00238EPSS
Exploits0References3
NVD
NVD
added 2021/05/06 9:15 p.m.25 views

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

4.6CVSS0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/05/06 8:31 p.m.20 views

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

5AI score0.00214EPSS
Exploits0References3
CVE
CVE
added 2021/05/06 8:31 p.m.47 views

CVE-2021-27941

The CVE-2021-27941 entry pertains to the eWeLink mobile application (QR code pairing mode) where unconstrained web access to the device’s private encryption key could let a physically proximate attacker monitor a device pairing process and eavesdrop on Wi‑Fi credentials and other sensitive inform...

4.6CVSS4.6AI score0.00214EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/05/06 12:0 a.m.5 views

IFTTT eWeLink 安全漏洞

IFTTT eWeLink is an IFTTT open source application. It provides remote switching of fans and lights, control of wind speed and dimming of lights. A security vulnerability exists in the eWeLink mobile application version 4.9.2 and earlier for Android and version 4.9.1 and earlier for iOS, which can...

4.6CVSS5.4AI score0.00214EPSS
Exploits0References3
NVD
NVD
added 2021/02/24 2:15 p.m.25 views

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

4.6CVSS0.00306EPSS
Exploits1References4
OSV
OSV
added 2021/02/24 2:15 p.m.6 views

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

4.6CVSS5.8AI score0.00306EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/02/24 1:58 p.m.31 views

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

4.4AI score0.00306EPSS
Exploits1References4
CVE
CVE
added 2021/02/24 1:58 p.m.55 views

CVE-2020-12702

CVE-2020-12702 concerns weak encryption in the Quick Pairing mode of the eWeLink mobile app (Android v4.9.2 and earlier; iOS v4.9.1 and earlier). The root cause is insufficient protection during the pairing process, enabling physically proximate attackers to eavesdrop on Wi‑Fi credentials and oth...

4.6CVSS4.2AI score0.00306EPSS
Exploits1References4Affected Software1
hackapp
hackapp
added 2017/04/30 2:48 p.m.70 views

eWeLink - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application eWeLink published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder