CVE-2012-3884

EUVD-2012-3828
AirDroid 1.0.4 beta implements authentication through direct transmission of a password hash over HTTP, which makes it easier for remote attackers to obtain access by sniffing the local wireless network and then replaying the authentication data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
airdroidairdroid
1.0.4:beta
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2012-07/0087.html
http://www.tele-consulting.com/advisories/TC-SA-2012-02.txt
http://archives.neohapsis.com/archives/bugtraq/2012-07/0087.html
http://www.tele-consulting.com/advisories/TC-SA-2012-02.txt