CVE-2012-3888

EUVD-2012-3832
The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
airdroidairdroid
1.0.4:beta
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2012-07/0087.html
http://www.tele-consulting.com/advisories/TC-SA-2012-02.txt
http://archives.neohapsis.com/archives/bugtraq/2012-07/0087.html
http://www.tele-consulting.com/advisories/TC-SA-2012-02.txt