Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage.
References
Link | Resource |
---|---|
https://vrls.ws/posts/2021/02/cve-2021-25648-mobile-application-testes-de-codigo-privilege-escalation/ | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-02-16T14:45:08
Updated: 2021-02-16T14:45:08
Reserved: 2021-01-21T00:00:00
Link: CVE-2021-25648
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-02-16T15:15:13.587
Modified: 2023-08-08T14:22:24.967
Link: CVE-2021-25648
JSON object: View
Redhat Information
No data.
CWE