cvedb.io
CVE-2018-7259
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-02-20T00:29:00.207 · Last modified 2026-06-17T02:02:53.047

Summary

The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the network for cleartext HTTP traffic. This behavior was removed in 2.0.1.232.

Affected products

flightsimlabs — a320-x

Does this affect you?

Add your gear to cvedb and we'll alert you only when flightsimlabs ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.