CVE-2024-42496
LOWDescription
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device to access the related external service.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2024-42496? +
How severe is CVE-2024-42496? +
How do I check if I'm vulnerable to CVE-2024-42496? +
Related Vulnerabilities
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using …
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) admin password is stored in configuration file as plaintext …
WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor …
LITEON IC48A firmware versions prior to 01.00.19r and LITEON IC80A firmware versions prior to 01.01.12e store FTP-server-access-credentials in cleartext in …
An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the …
Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A …