Insecure Storage of Passwords in iTrack Easy Mobile Application

Insecure Storage of Passwords in iTrack Easy Mobile Application

CVE-2016-6546 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext.

Learn more about our Api Penetration Testing.