Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-7205

UNKNOWN
Published 2024-07-31T05:51:03.427Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-7205. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

When the device is shared, the homepage module are before 2.19.0  in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive information.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

CoolKit

eWeLink Cloud Service

Affected Versions:

2.0.0
coolkit

ewelink

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-mc3m-jxj9-pp7c

Advisory Details

When the device is shared, the homepage module are before 2.19.0  in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive information.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:U/V:D/RE:L/U:Green

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-7205
WEB https://ewelink.cc/security-advisory-240730

Advisory provided by GitHub Security Advisory Database. Published: July 31, 2024, Modified: July 31, 2024

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

3 posts
Reddit 1 week ago
crstux
Exploit

🔥 Top 10 Trending CVEs (02/09/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-4609](https://nvd.nist.gov/vuln/detail/CVE-2025-4609)** - 📝 Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a …

Also mentions: CVE-2025-55177 CVE-2025-58047 CVE-2025-9478 CVE-2025-57819 CVE-2025-4609 CVE-2025-43300 CVE-2025-8088 CVE-2024-7206 CVE-2018-13374
2
2.0
View Original High Risk
Reddit 1 week, 1 day ago
crstux
Exploit

🔥 Top 10 Trending CVEs (01/09/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2024-8440](https://nvd.nist.gov/vuln/detail/CVE-2024-8440)** - 📝 The Essential Addons for Elementor Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugins Fancy Text widget …

Also mentions: CVE-2025-55177 CVE-2025-57819 CVE-2025-43300 CVE-2025-0309 CVE-2025-2067 CVE-2025-29824 CVE-2024-7206 CVE-2024-8440 CVE-2014-8584
2
2.0
View Original High Risk
Reddit 1 week, 2 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (31/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-0309](https://nvd.nist.gov/vuln/detail/CVE-2025-0309)** - 📝 An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect …

Also mentions: CVE-2025-55177 CVE-2025-57819 CVE-2025-7776 CVE-2025-43300 CVE-2025-0309 CVE-2025-2067 CVE-2025-29824 CVE-2024-7206
3
3.0
View Original High Risk

References

https://ewelink.cc/security-advisory-240730/
Published: 2024-07-31T05:51:03.427Z
Last Modified: 2024-07-31T14:56:35.429Z
Copied to clipboard!