← back
CVE-2020-12702

CVE-2020-12702

EPSS 0.3%
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://dl.acm.org/doi/abs/10.1145/3411498.3419965https://github.com/salgio/ESPTouchCatcherhttps://play.google.com/store/apps/details?id=com.coolkit&hl=en_UShttps://www.youtube.com/watch?v=DghYH7WY6iE&feature=youtu.be