Showing 1 - 2 of 2

Files from Francesco Servida

QBee Camera / iSmartAlarm Credential Disclosure: Posted Nov 5, 2018; Authored by Francesco Servida; Cleartext storage of credentials in the iSmartAlermData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. Insecure cryptographic storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device.; tags | advisory, tcp, info disclosure; advisories | CVE-2018-16222, CVE-2018-16223, CVE-2018-16224; SHA-256 | d563070f90b89436eb2c6f216fcab2f75a1e9b175eab98ac4ca00e526a5582cf; Download | Favorite | View

QBee MultiSensor Camera 4.16.4 Cookie Reuse: Posted Sep 18, 2018; Authored by Francesco Servida; QBee MultiSensor Camera versions through 4.16.4 suffer from a cookie reuse vulnerability. Swisscom Home App products are also affected.; tags | advisory; advisories | CVE-2018-16225; SHA-256 | 395cd48b4a5259628c5c2ef65d18f9ea29602caac6159d66264f973c1064f529; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days