VYPR
Unrated severityNVD Advisory· Published May 6, 2021· Updated Aug 3, 2024

CVE-2021-27941

CVE-2021-27941

Description

Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during a device pairing process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • eWeLink/eWeLink mobile applicationdescription
  • eWeLink/eWeLinkllm-fuzzy
    Range: <=4.9.2 (Android) / <=4.9.1 (iOS)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.