CVE-2019-13100

The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
References
Link Resource
https://pastebin.com/Gdd0Shgr Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:send-anywhere:send_anywhere:9.4.18:*:*:*:*:android:*:*

Information

Published : 2019-07-22 09:15

Updated : 2020-08-24 10:37


NVD link : CVE-2019-13100

Mitre link : CVE-2019-13100


JSON object : View

CWE
CWE-312

Cleartext Storage of Sensitive Information

Advertisement

dedicated server usa

Products Affected

send-anywhere

  • send_anywhere