CVE-2017-11578

Name of the Vulnerable Software and Affected Versions Blipcare device (affected versions not specified)

Description The Blipcare device, a Wireless Blood pressure monitor, allows connection to its web management interface using a non-SSL connection and the plain text HTTP protocol. Users provide their Wi-Fi credentials through this interface, enabling the device to connect to the internet. An attacker connected to the device's wireless network can easily intercept these credentials and other sensitive information using a Man-In-The-Middle (MITM) attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.