25 vulnerabilities by rakuten
CVE-2025-13476 (GCVE-0-2025-13476)
Vulnerability from nvd – Published: 2026-03-05 16:53 – Updated: 2026-03-06 10:36

| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Viber | Rakuten Viber Cloak - Android | Affected: 25.7.2.0g , < 27.2.0.0g (custom) | |
| Rakuten Viber | Rakuten Viber Cloak - Windows | Affected: v25.6.0.0 , < v27.3.0.0 (custom) | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-05T18:35:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/772695"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-13476",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-06T10:34:45.858741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T10:36:09.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Viber Cloak - Android",
"vendor": "Rakuten Viber",
"versions": [
{
"lessThan": "27.2.0.0g",
"status": "affected",
"version": "25.7.2.0g",
"versionType": "custom"
}
]
},
{
"product": "Rakuten Viber Cloak - Windows",
"vendor": "Rakuten Viber",
"versions": [
{
"lessThan": "v27.3.0.0",
"status": "affected",
"version": "v25.6.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0\u2013v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-693",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T16:53:32.465Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.viber.com/en/download/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rakuten Viber uses broken or risky cryptographic Algorithm",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13476"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-13476",
"datePublished": "2026-03-05T16:53:32.465Z",
"dateReserved": "2025-11-20T12:38:19.605Z",
"dateUpdated": "2026-03-06T10:36:09.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55996 (GCVE-0-2025-55996)
Vulnerability from nvd – Published: 2025-09-12 00:00 – Updated: 2025-09-12 15:48
- n/a
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-55996",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T15:46:56.114657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:48:01.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:02:57.404Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/thawkhant/viber-desktop-html-injection"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-55996",
"datePublished": "2025-09-12T00:00:00.000Z",
"dateReserved": "2025-08-16T00:00:00.000Z",
"dateUpdated": "2025-09-12T15:48:01.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41918 (GCVE-0-2024-41918)
Vulnerability from nvd – Published: 2024-08-29 02:47 – Updated: 2024-08-29 23:58
- Improper authorization in handler for custom URL scheme
- CWE-939 - Improper Authorization in Handler for Custom URL Scheme

| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Group, Inc. | 'Rakuten Ichiba App' for Android | Affected: 12.4.0 and earlier | |
| Rakuten Group, Inc. | 'Rakuten Ichiba App' for iOS | Affected: 11.7.0 and earlier | |
| rakuten | ichiba | Affected: 0 , < 12.4.0 (custom); Affected: 0 , < 11.7.0 (custom) | cpe:2.3:a:rakuten:ichiba:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rakuten:ichiba:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ichiba",
"vendor": "rakuten",
"versions": [
{
"lessThan": "12.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:48:47.314508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-939",
"description": "CWE-939 Improper Authorization in Handler for Custom URL Scheme",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:48:51.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "\u0027Rakuten Ichiba App\u0027 for Android",
"vendor": "Rakuten Group, Inc.",
"versions": [
{
"status": "affected",
"version": "12.4.0 and earlier"
}
]
},
{
"product": "\u0027Rakuten Ichiba App\u0027 for iOS",
"vendor": "Rakuten Group, Inc.",
"versions": [
{
"status": "affected",
"version": "11.7.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Rakuten Ichiba App\u0027 for Android 12.4.0 and earlier and \u0027Rakuten Ichiba App\u0027 for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. An arbitrary site may be displayed on the WebView of the product via Intent from another application installed on the user\u0027s device. As a result, the user may be redirected to an unauthorized site, and the user may become a victim of a phishing attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper authorization in handler for custom URL scheme",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T23:58:41.985Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://play.google.com/store/apps/details?id=jp.co.rakuten.android\u0026hl=en"
},
{
"url": "https://apps.apple.com/jp/app/id419267350"
},
{
"url": "https://jvn.jp/en/jp/JVN56648919/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-41918",
"datePublished": "2024-08-29T02:47:19.480Z",
"dateReserved": "2024-07-25T00:40:40.647Z",
"dateUpdated": "2024-08-29T23:58:41.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29525 (GCVE-0-2022-29525)
Vulnerability from nvd – Published: 2022-06-13 04:50 – Updated: 2024-08-03 06:26
- Use of Hard-coded credentials

| URL | Tags |
|---|---|
| https://network.mobile.rakuten.co.jp/information/news/product/1033/ | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN46892984/index.html | x_refsource_MISC |

| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:33.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29525",
"datePublished": "2022-06-13T04:50:33.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:26:05.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28704 (GCVE-0-2022-28704)
Vulnerability from nvd – Published: 2022-06-13 04:50 – Updated: 2024-08-03 06:03
- Improper Access Control

| URL | Tags |
|---|---|
| https://network.mobile.rakuten.co.jp/information/news/product/1033/ | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN46892984/index.html | x_refsource_MISC |

| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:31.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-28704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-28704",
"datePublished": "2022-06-13T04:50:32.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:03:52.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26834 (GCVE-0-2022-26834)
Vulnerability from nvd – Published: 2022-06-13 04:50 – Updated: 2024-08-03 05:11
- Improper Access Control

| URL | Tags |
|---|---|
| https://network.mobile.rakuten.co.jp/information/news/product/1033/ | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN46892984/index.html | x_refsource_MISC |

| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:27.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-26834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-26834",
"datePublished": "2022-06-13T04:50:27.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:11:44.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14049 (GCVE-0-2020-14049)
Vulnerability from nvd – Published: 2020-06-22 17:27 – Updated: 2024-08-04 12:32
- n/a

| URL | Tags |
|---|---|
| https://www.viber.com/en/security/ | x_refsource_MISC |
| https://jeffs.sh/CVEs/CVE-2020-14049.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.viber.com/en/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-22T17:27:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.viber.com/en/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.viber.com/en/security/",
"refsource": "MISC",
"url": "https://www.viber.com/en/security/"
},
{
"name": "https://jeffs.sh/CVEs/CVE-2020-14049.txt",
"refsource": "MISC",
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-14049",
"datePublished": "2020-06-22T17:27:35.000Z",
"dateReserved": "2020-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3987 (GCVE-0-2018-3987)
Vulnerability from nvd – Published: 2020-02-12 23:36 – Updated: 2024-08-05 04:57
- information disclosure

| URL | Tags |
|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655 | x_refsource_MISC |

| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Rakuten Viber | Affected: Rakuten Viber Android 9.3.0.6 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Viber",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rakuten Viber Android 9.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable information disclosure vulnerability exists in the \u0027Secret Chats\u0027 functionality of Rakuten Viber on Android 9.3.0.6. The \u0027Secret Chats\u0027 functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:07:34.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-3987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Viber",
"version": {
"version_data": [
{
"version_value": "Rakuten Viber Android 9.3.0.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable information disclosure vulnerability exists in the \u0027Secret Chats\u0027 functionality of Rakuten Viber on Android 9.3.0.6. The \u0027Secret Chats\u0027 functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.2,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2018-3987",
"datePublished": "2020-02-12T23:36:14.000Z",
"dateReserved": "2018-01-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T04:57:24.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6024 (GCVE-0-2019-6024)
Vulnerability from nvd – Published: 2019-12-26 15:16 – Updated: 2024-08-04 20:16
- Authentication bypass

| URL | Tags |
|---|---|
| https://play.google.com/store/apps/details?id=jp.co.fablic.fril&hl=en | x_refsource_MISC |
| https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998 | x_refsource_MISC |
| http://jvn.jp/en/jp/JVN41566067/index.html | x_refsource_MISC |

| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten, Inc. | Rakuma App | Affected: for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:23.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuma App",
"vendor": "Rakuten, Inc.",
"versions": [
{
"status": "affected",
"version": "for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user\u0027s authentication information via a malicious application created by the third party."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T15:16:50.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuma App",
"version": {
"version_data": [
{
"version_value": "for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier"
}
]
}
}
]
},
"vendor_name": "Rakuten, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user\u0027s authentication information via a malicious application created by the third party."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"name": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998",
"refsource": "MISC",
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"name": "http://jvn.jp/en/jp/JVN41566067/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6024",
"datePublished": "2019-12-26T15:16:50.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:16:23.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18800 (GCVE-0-2019-18800)
Vulnerability from nvd – Published: 2019-11-06 15:34 – Updated: 2024-08-05 02:02
- n/a

| URL | Tags |
|---|---|
| https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber through 11.7.0.5 allows a remote attacker who can capture a victim\u0027s internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim\u0027s device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn\u0027t enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim\u0027s udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T16:33:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Viber through 11.7.0.5 allows a remote attacker who can capture a victim\u0027s internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim\u0027s device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn\u0027t enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim\u0027s udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day",
"refsource": "MISC",
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18800",
"datePublished": "2019-11-06T15:34:07.000Z",
"dateReserved": "2019-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12569 (GCVE-0-2019-12569)
Vulnerability from nvd – Published: 2019-06-03 00:50 – Updated: 2024-08-04 23:24
- n/a
| URL | Tags |
|---|---|
| https://github.com/active-labs/Advisories/blob/ma… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:38.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T18:19:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md",
"refsource": "MISC",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12569",
"datePublished": "2019-06-03T00:50:00.000Z",
"dateReserved": "2019-06-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:24:38.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-13476 (GCVE-0-2025-13476)
Vulnerability from cvelistv5 – Published: 2026-03-05 16:53 – Updated: 2026-03-06 10:36
| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Viber | Rakuten Viber Cloak - Android | Affected: 25.7.2.0g , < 27.2.0.0g (custom) | |
| Rakuten Viber | Rakuten Viber Cloak - Windows | Affected: v25.6.0.0 , < v27.3.0.0 (custom) | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-03-05T18:35:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/772695"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-13476",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-06T10:34:45.858741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T10:36:09.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Viber Cloak - Android",
"vendor": "Rakuten Viber",
"versions": [
{
"lessThan": "27.2.0.0g",
"status": "affected",
"version": "25.7.2.0g",
"versionType": "custom"
}
]
},
{
"product": "Rakuten Viber Cloak - Windows",
"vendor": "Rakuten Viber",
"versions": [
{
"lessThan": "v27.3.0.0",
"status": "affected",
"version": "v25.6.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0\u2013v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-693",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T16:53:32.465Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.viber.com/en/download/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Rakuten Viber uses broken or risky cryptographic Algorithm",
"x_generator": {
"engine": "VINCE 3.0.32",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-13476"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-13476",
"datePublished": "2026-03-05T16:53:32.465Z",
"dateReserved": "2025-11-20T12:38:19.605Z",
"dateUpdated": "2026-03-06T10:36:09.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-55996 (GCVE-0-2025-55996)
Vulnerability from cvelistv5 – Published: 2025-09-12 00:00 – Updated: 2025-09-12 15:48
- n/a
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-55996",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T15:46:56.114657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:48:01.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:02:57.404Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/thawkhant/viber-desktop-html-injection"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-55996",
"datePublished": "2025-09-12T00:00:00.000Z",
"dateReserved": "2025-08-16T00:00:00.000Z",
"dateUpdated": "2025-09-12T15:48:01.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41918 (GCVE-0-2024-41918)
Vulnerability from cvelistv5 – Published: 2024-08-29 02:47 – Updated: 2024-08-29 23:58
- Improper authorization in handler for custom URL scheme
- CWE-939 - Improper Authorization in Handler for Custom URL Scheme
| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Group, Inc. | 'Rakuten Ichiba App' for Android | Affected: 12.4.0 and earlier | |
| Rakuten Group, Inc. | 'Rakuten Ichiba App' for iOS | Affected: 11.7.0 and earlier | |
| rakuten | ichiba | Affected: 0 , < 12.4.0 (custom)<br>Affected: 0 , < 11.7.0 (custom)<br>cpe:2.3:a:rakuten:ichiba:*:*:*:*:*:*:*:* | |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rakuten:ichiba:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ichiba",
"vendor": "rakuten",
"versions": [
{
"lessThan": "12.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:48:47.314508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-939",
"description": "CWE-939 Improper Authorization in Handler for Custom URL Scheme",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:48:51.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "\u0027Rakuten Ichiba App\u0027 for Android",
"vendor": "Rakuten Group, Inc.",
"versions": [
{
"status": "affected",
"version": "12.4.0 and earlier"
}
]
},
{
"product": "\u0027Rakuten Ichiba App\u0027 for iOS",
"vendor": "Rakuten Group, Inc.",
"versions": [
{
"status": "affected",
"version": "11.7.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Rakuten Ichiba App\u0027 for Android 12.4.0 and earlier and \u0027Rakuten Ichiba App\u0027 for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. An arbitrary site may be displayed on the WebView of the product via Intent from another application installed on the user\u0027s device. As a result, the user may be redirected to an unauthorized site, and the user may become a victim of a phishing attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper authorization in handler for custom URL scheme",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T23:58:41.985Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://play.google.com/store/apps/details?id=jp.co.rakuten.android\u0026hl=en"
},
{
"url": "https://apps.apple.com/jp/app/id419267350"
},
{
"url": "https://jvn.jp/en/jp/JVN56648919/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-41918",
"datePublished": "2024-08-29T02:47:19.480Z",
"dateReserved": "2024-07-25T00:40:40.647Z",
"dateUpdated": "2024-08-29T23:58:41.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29525 (GCVE-0-2022-29525)
Vulnerability from cvelistv5 – Published: 2022-06-13 04:50 – Updated: 2024-08-03 06:26
- Use of Hard-coded credentials
| URL | Tags |
|---|---|
| https://network.mobile.rakuten.co.jp/information/… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN46892984/index.html | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:33.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29525",
"datePublished": "2022-06-13T04:50:33.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:26:05.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28704 (GCVE-0-2022-28704)
Vulnerability from cvelistv5 – Published: 2022-06-13 04:50 – Updated: 2024-08-03 06:03
- Improper Access Control
| URL | Tags |
|---|---|
| https://network.mobile.rakuten.co.jp/information/… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN46892984/index.html | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:31.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-28704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-28704",
"datePublished": "2022-06-13T04:50:32.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:03:52.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26834 (GCVE-0-2022-26834)
Vulnerability from cvelistv5 – Published: 2022-06-13 04:50 – Updated: 2024-08-03 05:11
- Improper Access Control
| URL | Tags |
|---|---|
| https://network.mobile.rakuten.co.jp/information/… | x_refsource_MISC |
| https://jvn.jp/en/jp/JVN46892984/index.html | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:27.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-26834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-26834",
"datePublished": "2022-06-13T04:50:27.000Z",
"dateReserved": "2022-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:11:44.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14049 (GCVE-0-2020-14049)
Vulnerability from cvelistv5 – Published: 2020-06-22 17:27 – Updated: 2024-08-04 12:32
- n/a
| URL | Tags |
|---|---|
| https://www.viber.com/en/security/ | x_refsource_MISC |
| https://jeffs.sh/CVEs/CVE-2020-14049.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.viber.com/en/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-22T17:27:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.viber.com/en/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.viber.com/en/security/",
"refsource": "MISC",
"url": "https://www.viber.com/en/security/"
},
{
"name": "https://jeffs.sh/CVEs/CVE-2020-14049.txt",
"refsource": "MISC",
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-14049",
"datePublished": "2020-06-22T17:27:35.000Z",
"dateReserved": "2020-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:32:14.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3987 (GCVE-0-2018-3987)
Vulnerability from cvelistv5 – Published: 2020-02-12 23:36 – Updated: 2024-08-05 04:57
- information disclosure
| URL | Tags |
|---|---|
| https://talosintelligence.com/vulnerability_repor… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Rakuten Viber | Affected: Rakuten Viber Android 9.3.0.6 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Viber",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rakuten Viber Android 9.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable information disclosure vulnerability exists in the \u0027Secret Chats\u0027 functionality of Rakuten Viber on Android 9.3.0.6. The \u0027Secret Chats\u0027 functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:07:34.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-3987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Viber",
"version": {
"version_data": [
{
"version_value": "Rakuten Viber Android 9.3.0.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable information disclosure vulnerability exists in the \u0027Secret Chats\u0027 functionality of Rakuten Viber on Android 9.3.0.6. The \u0027Secret Chats\u0027 functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.2,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2018-3987",
"datePublished": "2020-02-12T23:36:14.000Z",
"dateReserved": "2018-01-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T04:57:24.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6024 (GCVE-0-2019-6024)
Vulnerability from cvelistv5 – Published: 2019-12-26 15:16 – Updated: 2024-08-04 20:16
Problem type: Authentication bypass
| URL | Tags |
|---|---|
| https://play.google.com/store/apps/details?id=jp.co.fablic.fril&hl=en | x_refsource_MISC |
| https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998 | x_refsource_MISC |
| http://jvn.jp/en/jp/JVN41566067/index.html | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Rakuten, Inc. | Rakuma App | Affected: for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:23.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuma App",
"vendor": "Rakuten, Inc.",
"versions": [
{
"status": "affected",
"version": "for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user\u0027s authentication information via a malicious application created by the third party."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T15:16:50.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuma App",
"version": {
"version_data": [
{
"version_value": "for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier"
}
]
}
}
]
},
"vendor_name": "Rakuten, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user\u0027s authentication information via a malicious application created by the third party."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"name": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998",
"refsource": "MISC",
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"name": "http://jvn.jp/en/jp/JVN41566067/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6024",
"datePublished": "2019-12-26T15:16:50.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:16:23.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18800 (GCVE-0-2019-18800)
Vulnerability from cvelistv5 – Published: 2019-11-06 15:34 – Updated: 2024-08-05 02:02
Problem type: n/a
| URL | Tags |
|---|---|
| https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber through 11.7.0.5 allows a remote attacker who can capture a victim\u0027s internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim\u0027s device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn\u0027t enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim\u0027s udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T16:33:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Viber through 11.7.0.5 allows a remote attacker who can capture a victim\u0027s internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim\u0027s device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn\u0027t enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim\u0027s udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day",
"refsource": "MISC",
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18800",
"datePublished": "2019-11-06T15:34:07.000Z",
"dateReserved": "2019-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12569 (GCVE-0-2019-12569)
Vulnerability from cvelistv5 – Published: 2019-06-03 00:50 – Updated: 2024-08-04 23:24
Problem type: n/a
| URL | Tags |
|---|---|
| https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:38.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T18:19:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md",
"refsource": "MISC",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12569",
"datePublished": "2019-06-03T00:50:00.000Z",
"dateReserved": "2019-06-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:24:38.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-202205-1606
Vulnerability from variot - Updated: 2024-04-18 13:10
Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. Rakuten Mobile Rakuten Casa is a small base station of Rakuten Mobile in Japan. Used to improve radio wave conditions for users.
Rakuten Mobile Rakuten Casa AP_F_V2_0_0 and AP_F_V1_4_1 versions have a trust management issue vulnerability, which is caused by hard-coded credentials in the application code. An unauthenticated remote attacker could exploit this vulnerability to gain full access to a vulnerable system using hard-coded credentials.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1606",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "casa",
"scope": "eq",
"trust": 1.0,
"vendor": "rakuten",
"version": "ap_f_v2_0_0"
},
{
"model": "casa",
"scope": "eq",
"trust": 1.0,
"vendor": "rakuten",
"version": "ap_f_v1_4_1"
},
{
"model": "mobile rakuten casa ap f v2 0 0",
"scope": null,
"trust": 0.6,
"vendor": "rakuten",
"version": null
},
{
"model": "mobile rakuten casa ap f v1 4 1",
"scope": null,
"trust": 0.6,
"vendor": "rakuten",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rakuten:casa:ap_f_v2_0_0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rakuten:casa:ap_f_v1_4_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"cve": "CVE-2022-29525",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-77817",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-29525",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-77817",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3823",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
},
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. Rakuten Mobile Rakuten Casa is a small base station of Rakuten Mobile in Japan. Used to improve radio wave conditions for users. \n\r\n\r\nRakuten Mobile Rakuten Casa AP_F_V2_0_0 and AP_F_V1_4_1 versions have a trust management issue vulnerability, which is caused by hard-coded credentials in the application code. An unauthenticated remote attacker could exploit this vulnerability to gain full access to a vulnerable system using hard-coded credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-29525"
},
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "VULMON",
"id": "CVE-2022-29525"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-29525",
"trust": 2.3
},
{
"db": "JVN",
"id": "JVN46892984",
"trust": 1.7
},
{
"db": "CS-HELP",
"id": "SB2022051910",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2022-77817",
"trust": 0.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-000036",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-29525",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "VULMON",
"id": "CVE-2022-29525"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
},
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"id": "VAR-202205-1606",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
}
]
},
"last_update_date": "2024-04-18T13:10:56.052000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Rakuten Mobile Rakuten Casa Trust Management Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/349126"
},
{
"title": "Rakuten Mobile Rakuten Casa Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=197082"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/jp/jvn46892984/index.html"
},
{
"trust": 1.7,
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"trust": 1.2,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051910"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-29525/"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-000036.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "VULMON",
"id": "CVE-2022-29525"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
},
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "VULMON",
"id": "CVE-2022-29525"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
},
{
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-29525"
},
{
"date": "2022-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3823"
},
{
"date": "2022-06-13T05:15:11.313000",
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-29525"
},
{
"date": "2022-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3823"
},
{
"date": "2022-06-22T14:44:46.890000",
"db": "NVD",
"id": "CVE-2022-29525"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rakuten Mobile Rakuten Casa Trust Management Issue Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77817"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3823"
}
],
"trust": 0.6
}
}
VAR-202205-1608
Vulnerability from variot - Updated: 2024-04-18 13:10
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings. Rakuten Mobile Rakuten Casa is a small base station of Rakuten Mobile in Japan. Used to improve radio wave conditions for users.
Rakuten Mobile Rakuten Casa AP_F_V2_0_0 and AP_F_V1_4_1 versions have an access control error vulnerability, which is caused by improper access restrictions. A remote attacker could bypass enforced security restrictions and gain unauthorized access to sensitive information on the system. An attacker could exploit this vulnerability to remotely gain unauthorized access to otherwise restricted functionality.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1608",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "casa",
"scope": "eq",
"trust": 1.0,
"vendor": "rakuten",
"version": "ap_f_v2_0_0"
},
{
"model": "casa",
"scope": "eq",
"trust": 1.0,
"vendor": "rakuten",
"version": "ap_f_v1_4_1"
},
{
"model": "mobile rakuten casa ap f v2 0 0",
"scope": null,
"trust": 0.6,
"vendor": "rakuten",
"version": null
},
{
"model": "mobile rakuten casa ap f v1 4 1",
"scope": null,
"trust": 0.6,
"vendor": "rakuten",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rakuten:casa:ap_f_v2_0_0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rakuten:casa:ap_f_v1_4_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"cve": "CVE-2022-28704",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2022-77811",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-28704",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-77811",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3821",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
},
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings. Rakuten Mobile Rakuten Casa is a small base station of Rakuten Mobile in Japan. Used to improve radio wave conditions for users. \n\r\n\r\nRakuten Mobile Rakuten Casa AP_F_V2_0_0 and AP_F_V1_4_1 versions have an access control error vulnerability, which is caused by improper access restrictions. A remote attacker could bypass enforced security restrictions and gain unauthorized access to sensitive information on the system. An attacker could exploit this vulnerability to remotely gain unauthorized access to otherwise restricted functionality",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28704"
},
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "VULMON",
"id": "CVE-2022-28704"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-28704",
"trust": 2.3
},
{
"db": "JVN",
"id": "JVN46892984",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2022-77811",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051910",
"trust": 0.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-000036",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3821",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-28704",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "VULMON",
"id": "CVE-2022-28704"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
},
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"id": "VAR-202205-1608",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
}
]
},
"last_update_date": "2024-04-18T13:10:56.026000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Rakuten Mobile Rakuten Casa Access Control Error Vulnerability (CNVD-2022-77811)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/349131"
},
{
"title": "Rakuten Mobile Rakuten Casa Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=197081"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/jp/jvn46892984/index.html"
},
{
"trust": 1.7,
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2022-28704"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051910"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-28704/"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-000036.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "VULMON",
"id": "CVE-2022-28704"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
},
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"db": "VULMON",
"id": "CVE-2022-28704"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
},
{
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28704"
},
{
"date": "2022-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3821"
},
{
"date": "2022-06-13T05:15:11.270000",
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-77811"
},
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28704"
},
{
"date": "2022-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3821"
},
{
"date": "2023-08-08T14:21:49.707000",
"db": "NVD",
"id": "CVE-2022-28704"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rakuten Mobile Rakuten Casa Access Control Error Vulnerability (CNVD-2022-77811)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77811"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3821"
}
],
"trust": 0.6
}
}
VAR-202205-1607
Vulnerability from variot - Updated: 2024-04-18 13:10
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default. Rakuten Mobile Rakuten Casa is a small base station of Rakuten Mobile in Japan. Used to improve radio wave conditions for users.
Rakuten Mobile Rakuten Casa AP_F_V2_0_0 and AP_F_V1_4_1 versions have an access control error vulnerability, which is caused by improper access restrictions. A remote attacker could exploit this vulnerability to bypass enforced security restrictions and gain unauthorized access to sensitive information on the system
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-1607",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "casa",
"scope": "eq",
"trust": 1.0,
"vendor": "rakuten",
"version": "ap_f_v2_0_0"
},
{
"model": "casa",
"scope": "eq",
"trust": 1.0,
"vendor": "rakuten",
"version": "ap_f_v1_4_1"
},
{
"model": "mobile rakuten casa ap f v2 0 0",
"scope": null,
"trust": 0.6,
"vendor": "rakuten",
"version": null
},
{
"model": "mobile rakuten casa ap f v1 4 1",
"scope": null,
"trust": 0.6,
"vendor": "rakuten",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rakuten:casa:ap_f_v2_0_0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rakuten:casa:ap_f_v1_4_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"cve": "CVE-2022-26834",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-77816",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2022-26834",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-26834",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-77816",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3822",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-26834",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "VULMON",
"id": "CVE-2022-26834"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
},
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default. Rakuten Mobile Rakuten Casa is a small base station of Rakuten Mobile in Japan. Used to improve radio wave conditions for users. \n\r\n\r\nRakuten Mobile Rakuten Casa AP_F_V2_0_0 and AP_F_V1_4_1 versions have an access control error vulnerability, which is caused by improper access restrictions. A remote attacker could exploit this vulnerability to bypass enforced security restrictions and gain unauthorized access to sensitive information on the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26834"
},
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "VULMON",
"id": "CVE-2022-26834"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-26834",
"trust": 2.3
},
{
"db": "JVN",
"id": "JVN46892984",
"trust": 1.7
},
{
"db": "CS-HELP",
"id": "SB2022051910",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2022-77816",
"trust": 0.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-000036",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-26834",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "VULMON",
"id": "CVE-2022-26834"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
},
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"id": "VAR-202205-1607",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
}
]
},
"last_update_date": "2024-04-18T13:10:56Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Rakuten Mobile Rakuten Casa Access Control Error Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/349121"
},
{
"title": "Rakuten Mobile Rakuten Casa Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=196947"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/jp/jvn46892984/index.html"
},
{
"trust": 1.7,
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"trust": 1.2,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051910"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-26834/"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-000036.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "VULMON",
"id": "CVE-2022-26834"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
},
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "VULMON",
"id": "CVE-2022-26834"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
},
{
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-26834"
},
{
"date": "2022-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3822"
},
{
"date": "2022-06-13T05:15:11.143000",
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"date": "2022-06-21T00:00:00",
"db": "VULMON",
"id": "CVE-2022-26834"
},
{
"date": "2022-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3822"
},
{
"date": "2023-08-08T14:22:24.967000",
"db": "NVD",
"id": "CVE-2022-26834"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rakuten Mobile Rakuten Casa Access Control Error Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-77816"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3822"
}
],
"trust": 0.6
}
}