CVE-2012-3888

Name of the Vulnerable Software and Affected Versions AirDroid version 1.0.4 beta

Description The issue allows remote attackers to bypass a multiple-login protection mechanism. This is achieved by modifying a pass value within JSON data in the login implementation.

Recommendations For AirDroid version 1.0.4 beta, consider restricting access to the login functionality until a fix is available. As a temporary workaround, avoid using the login feature with JSON data that contains a modified pass value. At the moment, there is no information about a newer version that contains a fix for this issue.