Ewelink Security Vulnerabilities and Issues — Ewelink CVE List

Lucene search

CoolkitEwelink

3 matches found

CVE•added 2021/02/24 2:15 p.m.•33 views

CVE-2020-12702

Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during th...

4.6CVSS4.2AI score0.0043EPSS

CVE•added 2023/12/30 7:15 p.m.•32 views

CVE-2023-6998

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0.

7.7CVSS7.3AI score0.00016EPSS

CVE•added 2021/05/06 9:15 p.m.•28 views

CVE-2021-27941

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...

4.6CVSS4.6AI score0.00116EPSS