CVE DATABASE / CVE-2007-5778
CVE-2007-5778
CVSS 7.5 · HIGH
Summary
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
CVSS 3.1 breakdown
| Base score | 7.5 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Flexispy mobile spy
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://osvdb.org/43625
- http://osvdb.org/43626
- http://securityreason.com/securityalert/3333
- http://www.airscanner.com/security/07101401_mobilespy.htm
- http://www.informit.com/articles/article.aspx?p=1077909
- http://www.securityfocus.com/archive/1/482663/100/0/threaded
- http://www.securityfocus.com/bid/26177
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.