Every CVE whose affected-product data names Coolkit Ewelink, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-6998 — CVSS 7.7 (high): Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This…
CVE-2020-12702 — CVSS 4.6 (medium): Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1…
CVE-2021-27941 — CVSS 4.6 (medium): Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through…