CVE-2024-3130

MEDIUM Year: 2024
CVSS v3 Score
5.7
Medium
Weakness Type
CWE-798
View all →

Vulnerability Description

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app

Related Vulnerabilities

CVE-2023-5318

MEDIUM
CVSS:5.8(Medium)

Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0.

CWE-7982023

CVE-2017-12725

MEDIUM
CVSS:5.6(Medium)

A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump with default network configuration uses hard-c...

CWE-7982017

CVE-2021-38969

MEDIUM
CVSS:5.6(Medium)

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609.

CWE-7982021

CVE-2015-7276

MEDIUM
CVSS:5.9(Medium)

Technicolor C2000T and C2100T uses hard-coded cryptographic keys.

CWE-7982015

CVE-2018-12240

MEDIUM
CVSS:5.9(Medium)

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihoo...

CWE-7982018

CVE-2018-1650

MEDIUM
CVSS:5.5(Medium)

IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication configured by the administrator. IBM X-Force ID: 144656.

CWE-7982018