CVE-2017-11134

MEDIUM

Stashcat Heinekingmedia < 1.7.5 - Log Information Exposure

Title source: rule

Description

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login credentials are written into a log file on the device. Hence, an attacker with access to the logs can read them.

References (1)

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2017/Jul/90

Scores

CVSS v3 6.5

EPSS 0.0026

EPSS Percentile 49.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-532

Status published

Products (2)

stashcat/heinekingmedia < 1.7.5

n/a/n/a

Published Aug 01, 2017

Tracked Since Feb 18, 2026