CVE-2016-1491
Last modified
CVE-2016-1491 is a vulnerability of currently unknown severity. The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.. EPSS estimates a 2.49% chance of exploitation in the next 30 days.
Description
The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Shareit | <= 2.5.1.1 |
References
- http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2016/Jan/67Third Party Advisory, VDB Entry
- http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilitiesThird Party Advisory
- https://support.lenovo.com/us/en/product_security/len_4058Mitigation, Vendor Advisory
- http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2016/Jan/67Third Party Advisory, VDB Entry
- http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilitiesThird Party Advisory
- https://support.lenovo.com/us/en/product_security/len_4058Mitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-1491?
How severe is CVE-2016-1491?
How do I fix CVE-2016-1491?
Are you affected by CVE-2016-1491?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST