Описание
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:send-anywhere:send_anywhere:9.4.18:*:*:*:*:android:*:*
EPSS
Процентиль: 32%
0.00128
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-312
Связанные уязвимости
github
больше 3 лет назад
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
EPSS
Процентиль: 32%
0.00128
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-312