CVE-2016-1492
Last modified
CVE-2016-1492 is a vulnerability of currently unknown severity. The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.. EPSS estimates a 1.79% chance of exploitation in the next 30 days.
Description
The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lenovo | Shareit | 3.0.18_ww |
References
- http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2016/Jan/67Third Party Advisory, VDB Entry
- http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilitiesThird Party Advisory
- https://support.lenovo.com/us/en/product_security/len_4058Mitigation, Vendor Advisory
- http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2016/Jan/67Third Party Advisory, VDB Entry
- http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilitiesThird Party Advisory
- https://support.lenovo.com/us/en/product_security/len_4058Mitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-1492?
How severe is CVE-2016-1492?
How do I fix CVE-2016-1492?
Are you affected by CVE-2016-1492?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST