Martin Siklosi

Name of the Vulnerable Software and Affected Versions: Nedis SmartLife Video Doorbell (WIFICDP10GY) version 1.4.0 Nedis SmartLife IOS version 1.4.0 Description: The issue causes users who are disconnected from a previous peer-to-peer connection with the device to still have access to the live video feed. Recommendations: For Nedis SmartLife Video Doorbell (WIFICDP10GY) version 1.4.0, consider restricting access to the live video feed until a patch is available. For Nedis SmartLife IOS version 1.4.0, avoid using the app to access the live video feed of the Nedis SmartLife Video Doorbell until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nedis SmartLife android app version 1.4.0 **Description** The issue concerns an API key disclosure. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** For Nedis SmartLife android app version 1.4.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.