CVE-2019-13100

The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
References
Link Resource
https://pastebin.com/Gdd0Shgr Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:send-anywhere:send_anywhere:9.4.18:*:*:*:*:android:*:*

History

No history.

Information

Published : 2019-07-22 16:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-13100

Mitre link : CVE-2019-13100

CVE.ORG link : CVE-2019-13100


JSON object : View

Products Affected

send-anywhere

  • send_anywhere
CWE
CWE-312

Cleartext Storage of Sensitive Information