CVE-2012-3884
AirDroid 1.0.4 beta - Improper Authentication via Password Hash Replay
Title source: llmDescription
AirDroid 1.0.4 beta implements authentication through direct transmission of a password hash over HTTP, which makes it easier for remote attackers to obtain access by sniffing the local wireless network and then replaying the authentication data.
References (2)
Core 2
Core References
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-07/0087.html
Exploit x_refsource_misc
http://www.tele-consulting.com/advisories/TC-SA-2012-02.txt
Scores
EPSS
0.0135
EPSS Percentile
68.2%
Details
CWE
CWE-287
Status
published
Products (1)
airdroid/airdroid
1.0.4 beta
Published
Jul 26, 2012
Tracked Since
Feb 18, 2026