Information Disclosure in Lenovo SHAREit for Windows with Hardcoded Password
CVE-2016-1491
8.8HIGH
What is CVE-2016-1491?
Lenovo SHAREit for Windows versions before 3.2.0 contains a significant security flaw that exposes users to potential information disclosure risks. Specifically, the software is configured with a hardcoded password of '12345678' for its WiFi hotspot feature, allowing unauthorized users within the WLAN coverage area to access shared files. This vulnerability emphasizes the importance of secure password practices and the risks associated with default settings in software applications.