CVE-2023-5499

Summary

Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.

Affected Software

VendorProductVersion RangeStatus
SHENZHEN REACHFAR TECHNOLOGY COMPANY LIMITEDShenzhen Reachfar v28all versionsaffected

Weaknesses

  • CWE-532: CWE-532 Insertion of Sensitive Information into Log File

ADP Enrichment

CVE Program Container

Additional References

References