2 matches found
CVE-2019-13096
CVE-2019-13096 affects TronLink Wallet 2.2.0. The vulnerability arises from storing the user keystore in plaintext in insecure storage, allowing an attacker to read and reuse a valid user’s keystore via /data/data/com.tronlink.wallet/shared_prefs/.xml and gain unauthorized access. Publicly availa...
CVE-2019-13098
The CVE describes a password disclosure in TronLink Wallet 2.2.0 where the user password is logged during CreateWalletTwoActivity, allowing other authenticated apps/users with access to the device log (Logcat) to read it. The issue is tied to logging sensitive data and, on Android versions before...