This security advisory describes one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software stores sensitive information into log files. A remote attacker can read the log files and gain access to sensitive data.Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.Vulnerable software versions
DreamMapper: -, 2.24CPE
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted app.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.