CVE-2012-3886

AirDroid 1.0.4 beta - Exposure of Sensitive Information via MD5 Hashing in Login Key and Cookie

Title source: llm
STIX 2.1

Description

AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a (1) brute-force attack or (2) rainbow-table attack.

References (2)

Core 2
Core References
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-07/0087.html

Scores

EPSS 0.0126
EPSS Percentile 66.2%

Details

CWE
CWE-200
Status published
Products (1)
airdroid/airdroid 1.0.4 beta
Published Jul 26, 2012
Tracked Since Feb 18, 2026