The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| send-anywhere | send_anywhere | 9.4.18 |