Vulnerability Description
When the device is shared, the homepage module are before 2.19.0 in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive information.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2024-7205?
CVE-2024-7205 is a documented vulnerability. When the device is shared, the homepage module are before 2.19.0 in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive informati...
How severe is CVE-2024-7205?
CVSS scoring is not yet available for CVE-2024-7205. Check NVD for updates.
Is there a patch for CVE-2024-7205?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.