10 vulnerabilities by rakuten
CVE-2025-55996 (GCVE-0-2025-55996)
Vulnerability from cvelistv5 – Published: 2025-09-12 00:00 – Updated: 2025-09-12 15:48
Summary
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface
Severity ?
6.3 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-55996",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-12T15:46:56.114657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:48:01.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-12T15:02:57.404Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/thawkhant/viber-desktop-html-injection"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-55996",
"datePublished": "2025-09-12T00:00:00.000Z",
"dateReserved": "2025-08-16T00:00:00.000Z",
"dateUpdated": "2025-09-12T15:48:01.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-41918 (GCVE-0-2024-41918)
Vulnerability from cvelistv5 – Published: 2024-08-29 02:47 – Updated: 2024-08-29 23:58
Summary
'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. An arbitrary site may be displayed on the WebView of the product via Intent from another application installed on the user's device. As a result, the user may be redirected to an unauthorized site, and the user may become a victim of a phishing attack.
Severity ?
CWE
- Improper authorization in handler for custom URL scheme
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Rakuten Group, Inc. | 'Rakuten Ichiba App' for Android | Affected: 12.4.0 and earlier |
| Rakuten Group, Inc. | 'Rakuten Ichiba App' for iOS | Affected: 11.7.0 and earlier |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:rakuten:ichiba:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ichiba",
"vendor": "rakuten",
"versions": [
{
"lessThan": "12.4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:48:47.314508Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-939",
"description": "CWE-939 Improper Authorization in Handler for Custom URL Scheme",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:48:51.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "\u0027Rakuten Ichiba App\u0027 for Android",
"vendor": "Rakuten Group, Inc.",
"versions": [
{
"status": "affected",
"version": "12.4.0 and earlier"
}
]
},
{
"product": "\u0027Rakuten Ichiba App\u0027 for iOS",
"vendor": "Rakuten Group, Inc.",
"versions": [
{
"status": "affected",
"version": "11.7.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u0027Rakuten Ichiba App\u0027 for Android 12.4.0 and earlier and \u0027Rakuten Ichiba App\u0027 for iOS 11.7.0 and earlier are vulnerable to improper authorization in handler for custom URL scheme. An arbitrary site may be displayed on the WebView of the product via Intent from another application installed on the user\u0027s device. As a result, the user may be redirected to an unauthorized site, and the user may become a victim of a phishing attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper authorization in handler for custom URL scheme",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T23:58:41.985Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://play.google.com/store/apps/details?id=jp.co.rakuten.android\u0026hl=en"
},
{
"url": "https://apps.apple.com/jp/app/id419267350"
},
{
"url": "https://jvn.jp/en/jp/JVN56648919/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-41918",
"datePublished": "2024-08-29T02:47:19.480Z",
"dateReserved": "2024-07-25T00:40:40.647Z",
"dateUpdated": "2024-08-29T23:58:41.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29525 (GCVE-0-2022-29525)
Vulnerability from cvelistv5 – Published: 2022-06-13 04:50 – Updated: 2024-08-03 06:26
Summary
Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation.
Severity ?
No CVSS data available.
CWE
- Use of Hard-coded credentials
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:33",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-29525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-29525",
"datePublished": "2022-06-13T04:50:33",
"dateReserved": "2022-05-13T00:00:00",
"dateUpdated": "2024-08-03T06:26:05.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28704 (GCVE-0-2022-28704)
Vulnerability from cvelistv5 – Published: 2022-06-13 04:50 – Updated: 2024-08-03 06:03
Summary
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings, in which it is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings.
Severity ?
No CVSS data available.
CWE
- Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:31",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-28704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from the WAN side, and is also connected to the Internet with the authentication information unchanged from the default settings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-28704",
"datePublished": "2022-06-13T04:50:32",
"dateReserved": "2022-05-13T00:00:00",
"dateUpdated": "2024-08-03T06:03:52.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26834 (GCVE-0-2022-26834)
Vulnerability from cvelistv5 – Published: 2022-06-13 04:50 – Updated: 2024-08-03 05:11
Summary
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default.
Severity ?
No CVSS data available.
CWE
- Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Rakuten Mobile, Inc. | Rakuten Casa | Affected: version AP_F_V1_4_1 or AP_F_V2_0_0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuten Casa",
"vendor": "Rakuten Mobile, Inc.",
"versions": [
{
"status": "affected",
"version": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T04:50:27",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-26834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuten Casa",
"version": {
"version_data": [
{
"version_value": "version AP_F_V1_4_1 or AP_F_V2_0_0"
}
]
}
}
]
},
"vendor_name": "Rakuten Mobile, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote attacker to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://network.mobile.rakuten.co.jp/information/news/product/1033/",
"refsource": "MISC",
"url": "https://network.mobile.rakuten.co.jp/information/news/product/1033/"
},
{
"name": "https://jvn.jp/en/jp/JVN46892984/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN46892984/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-26834",
"datePublished": "2022-06-13T04:50:27",
"dateReserved": "2022-05-13T00:00:00",
"dateUpdated": "2024-08-03T05:11:44.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14049 (GCVE-0-2020-14049)
Vulnerability from cvelistv5 – Published: 2020-06-22 17:27 – Updated: 2024-08-04 12:32
Summary
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.viber.com/en/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-22T17:27:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.viber.com/en/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.viber.com/en/security/",
"refsource": "MISC",
"url": "https://www.viber.com/en/security/"
},
{
"name": "https://jeffs.sh/CVEs/CVE-2020-14049.txt",
"refsource": "MISC",
"url": "https://jeffs.sh/CVEs/CVE-2020-14049.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-14049",
"datePublished": "2020-06-22T17:27:35",
"dateReserved": "2020-06-12T00:00:00",
"dateUpdated": "2024-08-04T12:32:14.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3987 (GCVE-0-2018-3987)
Vulnerability from cvelistv5 – Published: 2020-02-12 23:36 – Updated: 2024-08-05 04:57
Summary
An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of Rakuten Viber on Android 9.3.0.6. The 'Secret Chats' functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.
Severity ?
4.2 (Medium)
CWE
- information disclosure
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| n/a | Rakuten Viber | Affected: Rakuten Viber Android 9.3.0.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:57:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": " Rakuten Viber",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Rakuten Viber Android 9.3.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable information disclosure vulnerability exists in the \u0027Secret Chats\u0027 functionality of Rakuten Viber on Android 9.3.0.6. The \u0027Secret Chats\u0027 functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:07:34",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-3987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " Rakuten Viber",
"version": {
"version_data": [
{
"version_value": "Rakuten Viber Android 9.3.0.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable information disclosure vulnerability exists in the \u0027Secret Chats\u0027 functionality of Rakuten Viber on Android 9.3.0.6. The \u0027Secret Chats\u0027 functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.2,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0655"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2018-3987",
"datePublished": "2020-02-12T23:36:14",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T04:57:24.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6024 (GCVE-0-2019-6024)
Vulnerability from cvelistv5 – Published: 2019-12-26 15:16 – Updated: 2024-08-04 20:16
Summary
Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party.
Severity ?
No CVSS data available.
CWE
- Authentication bypass
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Rakuten, Inc. | Rakuma App | Affected: for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:16:23.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuma App",
"vendor": "Rakuten, Inc.",
"versions": [
{
"status": "affected",
"version": "for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user\u0027s authentication information via a malicious application created by the third party."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-26T15:16:50",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuma App",
"version": {
"version_data": [
{
"version_value": "for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier"
}
]
}
}
]
},
"vendor_name": "Rakuten, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user\u0027s authentication information via a malicious application created by the third party."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=jp.co.fablic.fril\u0026hl=en"
},
{
"name": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998",
"refsource": "MISC",
"url": "https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998"
},
{
"name": "http://jvn.jp/en/jp/JVN41566067/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN41566067/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6024",
"datePublished": "2019-12-26T15:16:50",
"dateReserved": "2019-01-10T00:00:00",
"dateUpdated": "2024-08-04T20:16:23.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18800 (GCVE-0-2019-18800)
Vulnerability from cvelistv5 – Published: 2019-11-06 15:34 – Updated: 2024-08-05 02:02
Summary
Viber through 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn't enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim's udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Viber through 11.7.0.5 allows a remote attacker who can capture a victim\u0027s internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim\u0027s device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn\u0027t enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim\u0027s udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-13T16:33:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Viber through 11.7.0.5 allows a remote attacker who can capture a victim\u0027s internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim\u0027s device contains cleartext information such as the device model and OS version, IMSI, and 20 bytes of udid in a binary format, which is located at offset 0x14 of this packet. Then, the attacker installs Viber on his device, initiates the registration process for any phone number, but doesn\u0027t enter a pin from SMS. Instead, he closes Viber. Next, the attacker rewrites his udid with the victim\u0027s udid, modifying the viber_udid file, which is located in the Viber preferences folder. (The udid is stored in a hexadecimal format.) Finally, the attacker starts Viber again and enters the pin from SMS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day",
"refsource": "MISC",
"url": "https://thesamarkand.tumblr.com/post/188785277609/viber-messenger-remote-account-reset-0day"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18800",
"datePublished": "2019-11-06T15:34:07",
"dateReserved": "2019-11-06T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12569 (GCVE-0-2019-12569)
Vulnerability from cvelistv5 – Published: 2019-06-03 00:50 – Updated: 2024-08-04 23:24
Summary
A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags |
|---|---|
| https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:38.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T18:19:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, if the attacker can place a crafted library in a directory that is accessible to the vulnerable system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md",
"refsource": "MISC",
"url": "https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-006.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12569",
"datePublished": "2019-06-03T00:50:00",
"dateReserved": "2019-06-02T00:00:00",
"dateUpdated": "2024-08-04T23:24:38.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}