Vulnerabilities > Ismartalarm > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-20 | CVE-2018-16224 | Information Exposure vulnerability in Ismartalarm Cubeone Firmware Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device. | 5.3 |
| 2018-11-20 | CVE-2018-16222 | Insufficiently Protected Credentials vulnerability in Ismartalarm Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. | 6.8 |