CVE-2018-16222

CVE-2018-16222

EPSS 0.5%

Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/150165/QBee-Camera-iSmartAlarm-Credential-Disclosure.html http://seclists.org/fulldisclosure/2018/Nov/2