CVE-2016-1491 - The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a

CVE-2016-1491

Summary

The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.

References

Vulnerable Configurations

cpe:2.3:a:lenovo:shareit:2.5.1.1:*:*:*:*:windows:*:*
cpe:2.3:a:lenovo:shareit:2.5.1.1:*:*:*:*:windows:*:*

CVSS

Base:	5.4 (as of 09-10-2018 - 19:59)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
ADJACENT_NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:A/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bugtraq	20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities
confirm	https://support.lenovo.com/us/en/product_security/len_4058
fulldisc	20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities
misc	http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities

Last major update

09-10-2018 - 19:59

Published

26-01-2016 - 19:59

Last modified

09-10-2018 - 19:59