CVE-2017-14269

EE 4GEE WiFi MBB before EE600005.0031 devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content...

CVE-2017-14269

EE 4GEE WiFi MBB before EE600005.0031 devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content...

Design/Logic Flaw

EE 4GEE WiFi MBB before EE600005.0031 devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content...

CVE-2017-14268

EE 4GEE WiFi MBB before EE600005.0031 devices have XSS in the smscontent parameter in a getSMSlist request...

CVE-2017-14269

CVE-2017-14269 affects EE 4GEE WiFi MBB devices (before EE60_00_05.00_31). The vulnerability allows remote attackers to obtain sensitive data via a JSONP endpoint, demonstrated as passwords and SMS content exposure. The root cause is an insecure JSONP/endpoint handling that leaks confidential inf...

CVE-2017-14269

EE 4GEE WiFi MBB before EE600005.0031 devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content...

Information disclosure

AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by sniffing the local wireless network, as demonstrated by the SMS message content sent to the...