Vulnerabilities > Coolkit

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-30	CVE-2023-6998	Unspecified vulnerability in Coolkit Ewelink Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0. local low complexity coolkit	7.7
2021-05-06	CVE-2021-27941	Insufficiently Protected Credentials vulnerability in Coolkit Ewelink Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during a device pairing process. low complexity coolkit CWE-522	4.6
2021-02-24	CVE-2020-12702	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Coolkit Ewelink Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process. low complexity coolkit CWE-327	4.6

Vulnerabilities > Coolkit {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Coolkit"}]}