CVE-2023-5499
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SHENZHEN REACHFAR TECHNOLOGY COMPANY LIMITED | Shenzhen Reachfar v28 | all versions | affected |
Weaknesses
- CWE-532: CWE-532 Insertion of Sensitive Information into Log File
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.