← back
CVE-2017-15581

CVE-2017-15581

EPSS 0.9%
In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to obtain sensitive information by sniffing the network during LoginActivity or NoteActivity execution.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://1337sec.blogspot.de/2017/10/auditing-writediarycom-cve-2017-15581.htmlhttps://gist.github.com/anonymous/603b89f864a71426042b167cab557efa