Lucene search
+L

7 matches found

NVD
NVD
added 2019/07/19 6:15 p.m.25 views

CVE-2019-12820

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account,...

5.6CVSS5AI score0.00479EPSS
Exploits0References1
Prion
Prion
added 2019/07/19 6:15 p.m.13 views

Code injection

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code...

5.8CVSS5.2AI score0.00949EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/07/19 6:15 p.m.20 views

Design/Logic Flaw

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account,...

4.3CVSS4.9AI score0.00479EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/19 5:20 p.m.32 views

CVE-2019-12821

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code...

5.2AI score0.00949EPSS
Exploits0References1
CVE
CVE
added 2019/07/19 5:20 p.m.156 views

CVE-2019-12821

The CVE concerns the Shenzhen Jisiwei i3 robot vacuum cleaner’s app 2.0. A QR code used to add a device to an account encodes the device ID using a predictable pattern (JSW + six digits). An attacker can generate a QR-code with a target device ID to connect an arbitrary device and gain full acces...

5.8CVSS5.2AI score0.00949EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/19 5:18 p.m.31 views

CVE-2019-12820

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account,...

5AI score0.00479EPSS
Exploits0References1
CVE
CVE
added 2019/07/19 5:18 p.m.150 views

CVE-2019-12820

The CVE-2019-12820 entry concerns the Shenzhen Jisiwei i3 robot vacuum cleaner app 2.0 (Android/iOS). The vulnerability is that login and other personal information communications between the app and its server are sent over unencrypted HTTP, enabling a local-network MiTM attacker to capture cred...

5.6CVSS4.9AI score0.00479EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder