User Credentials Disclosure in Medha WiFi FTP Server Application

User Credentials Disclosure in Medha WiFi FTP Server Application

CVE-2019-11383 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml

Learn more about our Cis Benchmark Audit For Google Android.