Every CVE whose affected-product data names Nutspace Nut Mobile, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-6548 — CVSS 9.8 (critical): The Zizai Tech Nut mobile app makes requests via HTTP instead of HTTPS. These requests contain the user's authenticated session token with…
CVE-2016-6547 — CVSS 7.8 (high): The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.
CVE-2016-6549 — CVSS 4.3 (medium): The Zizai Tech Nut device allows unauthenticated Bluetooth pairing, which enables unauthenticated connected applications to write data to…