CVE-2023-5499

Name of the Vulnerable Software and Affected Versions Shenzhen Reachfar version v28

Description The issue allows a remote attacker to retrieve all the week's logs stored in the 'log2' directory, potentially exposing sensitive information such as remembered wifi networks, sent messages, SOS device locations, and device configurations.

Recommendations For Shenzhen Reachfar version v28, consider restricting access to the 'log2' directory as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.