CVE-2022-25830

CWE-200Information ExposureCWE-532Log File Information Exposure4 documents4 sources
Severity
3.3LOW
EPSS
0.1%
top 81.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Galaxy Watch3 PluginSamsung Galaxy Watch 3 Plugin
Timeline
PublishedMar 10
Latest updateMar 10

Description

Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:NExploitability: 0.5 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/galaxy_watch_3_plugin< 2.2.03.22012751
CVEListV5samsung_mobile/galaxy_watch3_plugin-2.2.09.22012751

🔴Vulnerability Details

2
GHSA
GHSA-wpx8-v7hm-734g: Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 22022-03-11
CVEList
CVE-2022-25830: Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 22022-03-08

💥Exploits & PoCs

1
Exploit-DB
DataCube3 v1.0 - Unrestricted file upload 'RCE'2024-03-10
CVE-2022-25830 (LOW CVSS 3.3) | Information Exposure vulnerability | cvebase.io